我在 Rails 中为社交应用程序编写了一个 API。这个应用程序喜欢 Facebook,用户可以阻止其他用户。如果用户 A 阻止用户 B,则用户 B 无法查看用户 A 的个人资料页面。那么我应该返回的最佳 HTTP 代码状态是什么:404、403、204 或 200(不显示任何内容)?
最佳答案
我更喜欢使用 403 Forbidden
The 403 (Forbidden) status code indicates that the server understood the request but refuses to authorize it. A server that wishes to make public why the request has been forbidden can describe that reason in the response payload (if any).
If authentication credentials were provided in the request, the server considers them insufficient to grant access. The client SHOULD NOT automatically repeat the request with the same credentials. The client MAY repeat the request with new or different credentials. However, a request might be forbidden for reasons unrelated to the credentials.
An origin server that wishes to "hide" the current existence of a forbidden target resource MAY instead respond with a status code of 404 (Not Found).
关于ruby-on-rails - rails api 中被阻止的用户配置文件的最佳 HTTP 状态代码是什么?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/41332740/