Comments (7)
Currently, this is by design and the expected behavior. The rationale is that if a route could match any action for a controller, then it is treated as a possible route. If the action cannot be resolved for the requested version, then you'll get 400 because it's not supported.
While I agree that 405 is more accurate, it can be equally confusing with versioning. Imagine that GET /customers?api-version=1.0
is not supported (your example), but GET /customers?api-version=2.0
is supported. Returning 405 could be interpreted by the client as the method is not supported for any API version. Of course that may not be true and may even be discoverable via OPTIONS /customers?api-version=2.0
.
This seems to be quite the gray area and I'm not sure there is a great answer. The Microsoft REST guidelines don't really call out anything specific for this scenario. In older, internal flavors of the guidelines 400 was specifically called out as the response. I don't see anything about that anymore. While I have my own opinion on the matter, my goal is to empower service authors to choose the solution that works best for them. I don't have strong feelings about not using 405.
Let me revisit the matching for actions. There is definitely complexity in sorting out matches that disambiguate between 400 and 405. The end result is still the same behavior with a slightly more informative HTTP status code. I think you should get same error code, but the message might be slightly different.
Adding a new configuration option to control the behavior would also be feasible, but I'd really like to avoid over-configuration. I'd also like see service authors fall into The Pit of Success without a whole bunch of configuration or necessary know how.
Thoughts?
from aspnet-api-versioning.
The argument for using 400 makes sense. Additional code complexity & configuration options don't seem like a good solution just to add support for this.
Since 405 seems to be the default response that webapi returns, adding a note in the wiki that versioning returns a 400 for unsupported verbs would be the easiest solution.
from aspnet-api-versioning.
I think that 405 is the right way to go. Even though it might differ by version, that is the RESTFul way to go. Additionally, it has strong parity with the default behavior. Supporting 405 in this way should be queued up for the next release. I'll leave this open until then,.
from aspnet-api-versioning.
Circling back around to this - finally. After quite a bit of review, I think is actually a bug. While some strength can be given to my argument, there is nothing really mandating that 400 be used over 405. Since returning 400 instead of a 405 is a behavioral change from the original implementation, I think that is a flaw (after all). Service authors and clients should be able to work under the principle of least astonishment.
from aspnet-api-versioning.
A response of 405 is consistent with the REST principles. This seems to still be an issue in that 404 is being returned in .net Core. Can this be looked at again?
from aspnet-api-versioning.
405 is supported and has been for some time. The implementation is specific to API versioning however. ASP.NET Core itself still does not support 405. Design and work has been spun to address it, but it did not make it into the 2.0 release. To the best of my knowledge, it's queued for 2.1. You can track it in the ASP.NET Core repo (#6046).
The documentation for 405 support with respect to API versioning is in the wiki. Do you have a scenario or repro where this behavior is different? I think you may be experiencing an edge case that API versioning doesn't handle for 405 that should be intrinsically handled by ASP.NET Core. Since it's not, you get 404 instead of 405. I'm not sure that API versioning can or even should try to fix the systemic challenges required to make 405 work.
from aspnet-api-versioning.
Thanks for the reply - we just had some standard error handling tests against some of our services, and after switching to .net core experienced this issue accessing one of our services with a PUT command when it doesn't support it.
from aspnet-api-versioning.
Related Issues (20)
- ASP.NET Web API versioning Migrate from QueryStringApiVersionReader to UrlSegmentApiVersionReader HOT 2
- only the 5.1.0 version of Microsoft.AspNetCore.Mvc.Versioning is deprecated HOT 3
- Problem with describing reponse codes in minimal api HOT 3
- Cannot run APIs with different controller names with same ControllerName attribute after migration HOT 6
- Different options in `ApiVersioningOptions.cs` between .NET Framework and .NET Core packages HOT 2
- WithOpenApi() ignore Api versioning readers HOT 4
- .net 8 support HOT 7
- Breaking changes when migrating to OData8 + new versioning HOT 10
- odata/$metadata returns 404 when all controllers are decorated with ApiVersionNeutralAttribute HOT 3
- AddVersionedApiExplorer not working in Asp.Versioning HOT 5
- VersionedApiDescriptionProvider does not set the correct SunsetPolicy to ApiDescription instances HOT 1
- Using ApiExplorerSettingsAttribute together with ApiVersionAttribute produces unexpected number of ApiVersionDescriptions HOT 5
- Asp.Net Core WebApi - AWS ECS Cluster Authentication failure HOT 2
- [Versioned Clients][API Notifications] Fails to read new versions when available HOT 2
- Swashbuckle documentation inconsistent with examples HOT 2
- AssumeDefaultVersionWhenUnspecified does not work correctly if ApiVersionNeutral is used in the controller HOT 2
- swagger.json file not found after update HOT 9
- My API is not displaying all the versions. HOT 4
- Improve docs for HeaderApiVersionReader
- Add synonym to `AddMvc` method. HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aspnet-api-versioning.