Hi,
In the following few lines I am going to propose safer data format for
error message exchange from Server to Client. This discussion actually
began in the thread by the name: "Responsibility for safe use of message in
HttpServletResponse.sendError(int, String)". Nevertheless, I was suggested
to open new thread for this discussion, and I respect it.
The error message offered by a servlet-based application by calling
HttpServletResponse.sendError(int, String), is generally formatted as
"text/html" for its rendering with the client. However, there is no
guarantee that the client always awaits to receive error messages in
"text/html" format!
And that is why it may be proposed that rather than generalizing the error
messages as "text/html", it would be much safer if the component generating
the error message could look into the ACCEPT Header of the requesting
client and then format the error message accordingly. So now if, for
example, client awaits responses in "application/json" format, container
component could generate corresponding error message in "application/json"
format for the client rather than "text/html".
Sincerely,
M. Nawazish. Khan