social.distributed.press
social.distributed.press copied to clipboard
hyphacoop
Inconsistent responses on inbox methods
While working on the Inbox client I've noticed this:
| Method | Path | Status code | Content Type | Response |
|---|---|---|---|---|
| GET | /v1/:actor/inbox | 403 | text/plain | "Not allowed" |
| GET | /v1/:actor/inbox | 200 | application/json; charset=utf-8 | APOrderedCollection |
| POST | /v1/:actor/inbox | 400 | application/json; charset=utf-8 | {"statusCode"=>400, "error"=>"Unauthorized", "message"=>"Must specify 'actor' URL in activity" } |
| POST | /v1/:actor/inbox | 403 | application/json; charset=utf-8 | {"statusCode"=>403, "error"=>"Forbidden", "message"=>"Submitted activity must be from signed actor [...]"} |
| POST | /v1/:actor/inbox | 200 | text/plain [^1] | { "message": "ok" } |
| DELETE | /v1/:actor/inbox/:id | 403 | text/plain | "Not allowed" |
| DELETE | /v1/:actor/inbox/:id | 200 | text/plain | "ok" |
| POST | /v1/:actor/inbox/:id | 403 | text/plain | "Not allowed" |
| POST | /v1/:actor/inbox/:id | 200 | text/plain | "ok" |
https://www.w3.org/TR/activitypub/ doesn't say much about status codes, I see Mastodon just replies 202 Accepted[^2] for every case with an empty response while receiving an activity.
Could we make all errors return a JSON object and AP content type? I'd change the three status codes for remote instances to 202, which doesn't make any promise about the request, just in case someone expects it to be exactly this number.
[^1]: I'll need time to produce all errors, so I read inbox.ts instead. The default response type for this request is set to string.
[^2]: Wikipedia: The request has been accepted for processing, but the processing has not been completed. The request might or might not be eventually acted upon, and may be disallowed when processing occurs.
