ocket8888 edited a comment on issue #4000: Put server_capability status code is incorrect URL: https://github.com/apache/trafficcontrol/issues/4000#issuecomment-543814338 What this really comes down as far as path parameters go is a willingness to reveal the existence of other method handlers. For example, you can't give back a 405 for `PATCH /deliveryservices/xmlid-that-my-tenant-does-not-have-access-to` because that discloses the existence of the delivery service (and also you'd need to make database calls for a request you already know is erroneous and can't accomplish anything just to give an error code you know is correct), or you could just do what we do and return a 404. This is part of why I like query parameters better for keys. If somebody does `PATCH /deliveryservices?xmlid=same-as-above`, you can both safely and correctly give back a 405, because the parameter is no longer part of the resource path.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
