[
https://issues.apache.org/jira/browse/OFBIZ-5409?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13845877#comment-13845877
]
Adrian Crum commented on OFBIZ-5409:
------------------------------------
Returning attributes is ABSOLUTELY a security risk. Those attributes should
remain within the server, they should not be returned as part of an HTTP
response!
> JSON Response does not set http status on error
> -----------------------------------------------
>
> Key: OFBIZ-5409
> URL: https://issues.apache.org/jira/browse/OFBIZ-5409
> Project: OFBiz
> Issue Type: Improvement
> Components: ALL APPLICATIONS
> Affects Versions: SVN trunk
> Reporter: Gareth Carter
> Priority: Trivial
> Attachments: CommonEvents.patch
>
>
> When a json response is sent and there was an error in the service called, it
> does not set the http status. Currently status code is always 200 but it
> might be more appropriate to send an error code such as 500.
--
This message was sent by Atlassian JIRA
(v6.1.4#6159)
