discourse

mirror of https://github.com/discourse/discourse.git synced 2025-02-11 13:55:07 +00:00

History

Andrew Huling e1d2ecef10 In the case of an expired nonce, return a 400 status code instead of a 500.

500 status codes are for unexpected server-side error scenarios. When an expired nonce is used by the client, a 4XX-level error is more appropriate because the client has submitted a bad request (by using an expired nonce). A 500 also causes Internet Explorer to show its default 500 page which does not show the error message and leads to a bad end user experience. I am choosing 400 for the new status rather than 401 or 403 because 401 requires a WWW-Authenticate header which would be difficult to generate in an SSO scenario and a 403 implies that no re-authentication will address the failure.

2015-05-14 16:03:02 -04:00

assets

FIX: replaceWith on leaf routes changed behavior in latest ember

2015-05-14 13:44:57 -04:00

controllers

In the case of an expired nonce, return a 400 status code instead of a 500.

2015-05-14 16:03:02 -04:00

helpers

FIX: include youtube link in embedded comments

2015-05-01 18:34:45 +05:30

jobs

FIX: user archive export was failing in some cases