Idea I am not sure whether I like: Normalize saying "200" as a response to "how are you doing?", as in "200 OK". In this proposal this would be a somewhat weaker alternative to saying "okay" because it communicates only "no active errors". "How are you doing?" "Nominal"
@mcc just like real life
HTTP/1.1 200 Ok
{"error":"you just have to say you're fine when you're not really fine"}
@prozacchiwawa @mcc triggered truma of an internal service returning 200 "error: 4xx: description"
@prozacchiwawa @mcc we literally have a major service provider here with a documented API of always returning 200 OK and providing a status field for the real status. It blows my mind.
@norbipeti @prozacchiwawa @mcc There are two reasons for this. Not good reasons.
1. Sadly, it's a lot easier to tell all your deyolopers to ignore HTTP status than to configure your WAFs and proxies properly to pass on bodies with non 2xx statuses, and
2. If you've got a thick stack of load balancers and WAFs, VMs, routers, etc, and an error happens, there's no way to ensure that every participant in the stack will throw a conformal and useful error, or even documenting the scope of possibilities. So in a way, 200 OK means ‘ok, this is a response from the application and you're ok to parse it with JSON according to the API’ and non-200 means something architectural is happening that is almost certainly not your fault and you have no way to handle it.
It's bad but it does make a certain kind of sense - does a 401 mean the user needs to log in, or does it mean the WAF is rejecting the initial connection? These require massively different handling, and this pattern supports low-touch infra logging and tooling.