What status code should I return for a connection error?
503 Service Unavailable seems like an appropriate choice. The 4xx codes are meant to indicate the client did something wrong. In the case you specify, it’s a service error.
http
Microk8s dashboard using nginx-ingress via http not working (Error: `no matches for kind “Ingress” in version “extensions/v1beta1″`)
To fix the error error: unable to recognize “ingress.yaml”: no matches for kind “Ingress” in version “extensions/v1beta1 you need to set apiVersion to the networking.k8s.io/v1. From the Kubernetes v1.16 article about deprecated APIs: NetworkPolicy in the extensions/v1beta1 API version is no longer served – Migrate to use the networking.k8s.io/v1 API version, available since v1.8. Existing … Read more
Chrome Dev Tools is it possible to keep open even after window closes?
You could set an window close event breakpoint. This way the debugger stops the window (popup) from closing. devtools -> scripts (or sources) -> event listener breakpoints -> Window -> close Link to Chromium rfc
Simple HTTP server for logging requests only [closed]
For some super simple alternatives, there’s netcat: $ nc -l -p 8080 And python’s inbuilt: $ python -m SimpleHTTPServer 8080 (In recent versions of python, 3?) this is now: $ python -m http.server 8080 Netcat won’t serve responses so you may not get too far, SimpleHTTPServer won’t show POST requests (at least). But occasionally I … Read more
oauth2 error AADSTS90014: The request body must contain the following parameter: ‘grant_type’
You shouldn’t send grant_type neither in params nor in headers. Those should be sent in body params then only it will work. Url: https://login.microsoftonline.com/common/oauth2/v2.0/token client_id, scope and redirect_uri params can be sent as query params. where as grant_type, code and client_secret should sent in body params. grant_type:authorization_code, code: {code you got from the authorization step}, … Read more
Shall I use the Content-Security-Policy HTTP header for a backend API?
CSP is a technique designed to impair xss-attacks. That is, it is most useful in combination with serving hypermedia that relies on other resources being loaded with it. That is not exactly a scenario I would expect with an API. That is not to say you cannot use it. If there really is no interactive … Read more
Multiple Set-cookie headers in HTTP
RFC 6265 section 4.1.2 states: If the user agent receives a new cookie with the same cookie-name, domain-value, and path-value as a cookie that it has already stored, the existing cookie is evicted and replaced with the new cookie. Notice that servers can delete cookies by sending the user agent a new cookie with an … Read more
How to send request with content type header?
Add HTTP Header Manager and add your desired header there:
When should an asterisk be encoded in an HTTP URL?
##Short answer The current definition of URL syntax indicates that you never need to percent-encode the asterisk character in the path, query, or fragment components of a URL. HTTP 1.1 As @Riley Major pointed out, the RFC that HTTP 1.1 references for URL syntax has been obsoleted by RFC3986, which isn’t as black and white … Read more
Can a http server detect that a client has cancelled their request?
While @Oded is correct that HTTP is stateless between requests, app servers can indeed detect when the underlying TCP/IP connection has broken for the request being processed. Why is this? Because TCP is a stateful protocol for reliable connections. A common technique for .Net web apps processing a resource intensive request is to check Response.IsClientConnected … Read more