From 5c91aed972aacf2bac6c5a8a29100a79708cbce5 Mon Sep 17 00:00:00 2001 From: Eniz Vukovic Date: Fri, 25 Jun 2021 17:47:19 +0200 Subject: [PATCH] Replace HTTP 403 error status with HTTP 400 HTTP 400 status code fits better in a context where the client is responsible for the error, i.e., when the client sends unexpected or malformed data. MDN reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400 --- lib/routes/helper.js | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/routes/helper.js b/lib/routes/helper.js index 916f883f..13fc34c2 100644 --- a/lib/routes/helper.js +++ b/lib/routes/helper.js @@ -14,8 +14,8 @@ helper.validate = (someObject, someDefinition, callback) => { Joi.validate(someObject, someDefinition, { abortEarly: false }, (err, sanitisedObject) => { if (err) { return callback({ // eslint-disable-line standard/no-callback-literal - status: '403', - code: 'EFORBIDDEN', + status: '400', + code: 'EBADREQUEST', title: 'Param validation failed', detail: err.details }) @@ -28,8 +28,8 @@ helper.validate = (someObject, someDefinition, callback) => { helper.checkForBody = (request, callback) => { if (!request.params.data) { return callback({ // eslint-disable-line standard/no-callback-literal - status: '403', - code: 'EFORBIDDEN', + status: '400', + code: 'EBADREQUEST', title: 'Request validation failed', detail: 'Missing "data" - have you sent the right http headers?' }) @@ -37,8 +37,8 @@ helper.checkForBody = (request, callback) => { // data can be {} or [] both of which are typeof === 'object' if (typeof request.params.data !== 'object') { return callback({ // eslint-disable-line standard/no-callback-literal - status: '403', - code: 'EFORBIDDEN', + status: '400', + code: 'EBADREQUEST', title: 'Request validation failed', detail: '"data" must be an object - have you sent the right http headers?' })