#259 /~username should give 404 if user doesn't exist

Slash 2.3/2.4
closed-rejected
nobody
None
5
2003-03-03
2003-03-03
Ed Avis
No

The page /~fred gives information about the user fred.
But if fred does not exist (or if you mistyped the
URL) it still returns a 200 OK http response. For example

% wget http://slashdot.org/~fongrel
--13:15:26-- http://slashdot.org/%7Efongrel
=> `%7Efongrel'
Resolving slashdot.org... done.
Connecting to slashdot.org[66.35.250.150]:80... connected.
HTTP request sent, awaiting response... 200 OK

Instead, the response from the server should be 404 Not
Found. The page served can still give the message
about the user not existing.

Discussion

  • Rob Malda
    Rob Malda
    2003-03-03

    Logged In: YES
    user_id=288856

    I don't understand why this matters?

     
  • Rob Malda
    Rob Malda
    2003-03-03

    • status: open --> closed-rejected
     
  • Ed Avis
    Ed Avis
    2003-03-05

    Logged In: YES
    user_id=10769

    You are right that this isn't very important. However there is some point to it. Suppose someone makes a link to
    <http://slashdot.org/~fongrel> and a web spider picks it up. Then as far as the spider is concerned it's just a
    normal page, there is no indication from the server that the URL is incorrect. In other words, the 'user not found'
    response should be machine-readable as well as human-readable. Or consider a web browser which catches 404
    errors and presents them to the user with 'did you mean to type...'.

    You could ask the same question about ordinary web pages. Why does it matter that Apache returns different
    status codes (404, 500, etc)? After all, there is a textual document served in each case that says what the
    problem is. Why not just give a status of 200 OK to every request?

    I'm sure you can see that it's better to use the status codes defined in the http standards, which includes returning
    404 Not Found for URLs that are mistyped or otherwise unknown. And the user pages of http://slashdot.org/~foo
    look like ordinary 'file' URLs, so it's good for them to behave in the same way. This is not a big deal, but it's the
    Right Thing to implement.