- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Error 500: comment not found
Admin
frist on rails again
Admin
Except request.format is presumably derived from the Accept headers, in which case 406 is more more appropriate.
Admin
Error 418 is the most appropriate error code for all situations.
Admin
There's also a useful convention based around using indentation to convey the structure of your code.
def unique unless request.format == 'application/json' head :unauthorized return end status = if ["user_name", "email"].include?(params[:id].to_s) User.exists?(params[:id] => params[:value]) ? 200 : 404 else 500 end render :json => {}, :status => status endAdmin
The real WTF is using Ruby on Fails...errr I mean Rails.
Admin
[+1] for the complete absence of unnecessary embellishment in the story.
[+1] for making the effort of explaining that Ruby on Rails code snippet.
And another [+1] for the fact that the explanation is good enough so that someone not familiar with Ruby on Rails can understand the code and the wtfs presented in the article.
Admin
= (+1 +1 +1) * 2 // From me
Admin
Admin
Admin
BBQed.
Admin
I would have written a comment, but it seems to be in vain as the article says: "pay no attention to the comments"
Admin
Admin
These types of articles were the reason I came to this site.
Admin
http://blog.inedo.com/2010/10/12/http-418-im-a-teapot-finally-a-%e2%80%9clegitimate%e2%80%9d-use/
Admin
Admin
Wow.
Much great.
Such speed.
How Ruby!
Wow.
Admin
Admin
Admin
Admin
15 comments no defense yet? I'll give it a shot (keeping in mind I have never read Ruby or similar looking language before).
Request.format != application/json return unauthorized. Makes perfect sense, if this particular module is reached by some method other than the expected interface, the user is "url hacking" and should be denied. A 400 would be more appropriate if an impossible email address/username had been provided and the script was setup to detect this.
the note on :id struck me as odd for a language, quick google gives a stackoverflow msg with hammar posting that :id would correspond to user_name in the /users/unique/user_name path. Anyone want to give the doc?
404 means "not found". 404 Not Found The requested resource could not be found but may be available again in the future
The resource was in fact found so 404 is inappropriate, 500, internal error is more appropriate when you take into account that this is supposed to be referenced only by an application. Quick google says 420/449 may be more appropriate for detail but 500 should be sufficient.
Admin
Hm. We had one of those a few weeks back in '13, if I remember correctly...
Admin
Which topic was it under? Some days I don't follow the comments and that sounds of interest.
Admin
Ignore this line.
Admin
- From the spec:
So 401 should only be returned when the request needs to be authenticated. Not when the request has the wrong format type.Also the resource being requested is info on the user. If the user doesn't exist then the resource doesn't exist. It's somewhat subjective though.
Admin
Admin
A 500 error generally means "something went wrong with the server, we have no idea what, go talk to the admin". In Rails it's generally sent by the framework, not application code.
The main culprit with this code is the total misunderstanding of what the "ID" part of the URL is. The ID is the record you are trying to find. If you don't have a record ID, you simply do not use the ID field. This means setting up your route as a "collection" rather than "member" route, and the URLs should really look like this:
and the main code should look like this:
status = if params[:username].blank? && params[:email].blank? 400 else conditions = params[:username].present? ? {:username => params[:username]} : {:email => params[:email]} User.exists?(conditions) ? 200 : 404 endI could make it more generic in case one wants to search for different keys, but this works for the simple case.
Admin
I too thought with much great speed to make a doge style comment, but one had already appeared so does not really qualified.
Captcha: odio Odio los errores of grammatik in keine articulo.
Admin
That may make sense to you, but is blatantly wrong. 401 is for situations when authentication fails. Typically, the website wants a password and the client didn't provide one, or the website wants a password and the client provided an incorrect one. More often, it's not a password but some security token supplied in the headers. Together with the 401 error, the server needs to send a challenge that the client can respond to by providing the right authentication and making the call succeed (obviously, the server would check authentication before it checks anything else, to avoid giving a hacker information).
Summary: 401 is for errors that can be fixed by providing authentication. If the server only handles application/json, that is not a problem that can be fixed by providing authentication, therefore a 401 is wrong.
Admin
Yep, best TDWTF in many [unit of time]s.
Admin
Admin
WTFRuby on WryRails!
Admin
blue comment please!!!
Admin
Damn you beat me to it :(
Admin
The only legitimate use for a 418 is http://httpcats.herokuapp.com/418
Well, I'm trying to get past the filter, but it is failing.
I'm starting to think TRWTF is this moronic spam filter what can't tell the difference between legitimate comments and spam. I wonder how long I'll need to continue adding text to this comment before it allows me to post.
I'm just going to start snipping quotes.
Admin
pthh, indentation is for those losers using python. Ruby is not python and doesn't use indentation. Don't ruin a perfectly good code snippet by adding a feature only required in other languages.
[/troll]
Admin
The resource should be returning a status in the 4xx error-range! In case you want to distinguish this from the other 404-case: What about 406 "Not Acceptable"?
Admin
I am disappointed that Dr Joseph Reddington's HTCPCP enabled Teapot didn't rate higher.
Admin
And yet the most stolen Colorado Road Mile Marker is 420. (for obvious but rather different reasons...)
tho' one wonders whether a bunch of nerds wouldn't steal the 404 mile marker, which then, of course would be in a tautological situation!
Admin
I want to know why the article presumes the comments are incorrect. Granted, they don't tell us what the code is actually doing, but perhaps they tell us what the code is supposed to be doing. Maybe TRWTF is that the code blatantly ignores the very simple URL requirements as documented in the comments?
Admin
didn't they just change them to 419.99 mile markers?
Admin
I guess it's relative. They're incorrect in documenting what the code is actually doing, regardless of what the spec is.
Admin
Indeed. It made me warm and fuzzy inside. It's a glimmer of hope for this site.
Admin
Citation? Colorado is 380 miles by 280 miles (roughly) ... it seems unlikely that there would be many roads over 400 miles long in the state.
It does appear that I-70 would have a milepost 420.
captcha: sino. cellocgw claims that milepost 420 is the most stolen sino in Colorado. Rocky mountain high!
Admin
I appreciated the explanation. Thank you.
Sincerely,
Gene Wirchenko
Admin
https://maps.google.com/?ll=39.327725,-102.061357&spn=0.046807,0.055447&t=m&z=14&layer=c&cbll=39.32768,-102.077998&panoid=uwv6nLmr4JY5th9fKFr7lA&cbp=12,113.29,,0,25.62
Admin
Colorado replaces marker 420 with 419.99 to foil 'weed enthusiasts'
Admin
Ha ha... I just tried to find the 420 mile marker on Google's street view, and the eastbound mile marker was already stolen. The westbound one is still there, though that street view could have been done on a different day.
It's just east of Stratton, for those of you who want to save a few minutes.
And both of the 404 markers are there, but the westbound one seems to actually be 4O4.
Admin
The only defense I can give for this code is that the original wasn't missing indentation. Other than that, I'm pretty sure the author was drunk or something.
Admin