Skip to content

Commit 93c7c23

Browse files
benjiebenjie
committed
Detail HTTP status codes to use for various error conditions
1 parent c6052e9 commit 93c7c23

File tree

1 file changed

+41
-13
lines changed

1 file changed

+41
-13
lines changed

spec/GraphQLOverHTTP.md

Lines changed: 41 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -519,8 +519,6 @@ _GraphQL response_, the server SHOULD respond with the appropriate status code
519519
depending on the concrete error condition, and MUST NOT respond with a `2xx`
520520
status code when using the `application/graphql-response+json` media type.
521521

522-
Note: Typically the appropriate status code will be `400` (Bad Request).
523-
524522
Note: This rule is "should" to maintain compatibility with legacy servers which
525523
can return 200 status codes even when this type of error occurs, but only when
526524
not using the `application/graphql-response+json` media type.
@@ -678,18 +676,48 @@ since no _GraphQL request error_ has occurred it is seen as a "partial
678676
response".
679677

680678
If the _GraphQL response_ does not contain the {data} entry then the server MUST
681-
reply with a `4xx` or `5xx` status code as appropriate.
679+
reply with a `4xx` or `5xx` status code as appropriate:
680+
681+
- If the failure is due to an issue in the request itself, the appropriate `4xx`
682+
status code should be used:
683+
- If an unsupported HTTP method is used, status code `405` is RECOMMENDED.
684+
- If the `Content-Type` of the request is not supported, status code `415` is
685+
RECOMMENDED.
686+
- If none of the media types in the `Accept` header are supported, status code
687+
`406` is RECOMMENDED.
688+
- If the client did not produce a request within the time that the server was
689+
prepared to wait, status code `408` is RECOMMENDED.
690+
- If the size of the URI was too large, status code `414` is RECOMMENDED (and
691+
the client should consider using `POST` instead).
692+
- If the size of the request headers (or any one header) was too large, status
693+
code `431` is RECOMMENDED.
694+
- If the size of the `POST` request body was too large, status code `413` is
695+
RECOMMENDED.
696+
- If the JSON body of the request could not be parsed, status code `400` is
697+
RECOMMENDED.
698+
- If the request is not a well-formed _GraphQL-over-HTTP request_, status code
699+
`422` is RECOMMENDED.
700+
- If the GraphQL document in the request cannot be parsed, status code `400`
701+
is RECOMMENDED.
702+
- If the request does not pass GraphQL validation, status code `422` is
703+
RECOMMENDED.
704+
- If the operation to execute cannot be unambiguously determined, status code
705+
`422` is RECOMMENDED.
706+
- If the values of the variables could not be coerced to match the operation's
707+
variable definitions, status code `422` is RECOMMENDED.
708+
- If the client is not permitted to issue the GraphQL request then the server
709+
SHOULD reply with `401`, `403` or similar appropriate status code.
710+
- If the server is a short and stout ceramic vessel, status code `418` is
711+
RECOMMENDED.
712+
- When the server is the reason for failure, the appropriate `5xx` status code
713+
should be used; for example, if the server is not able to execute requests at
714+
this time due to maintenance or load-shedding then status code `503` is
715+
RECOMMENDED.
682716

683717
Note: The GraphQL specification indicates that the only situation in which the
684718
_GraphQL response_ does not include the {data} entry is one in which the
685719
{errors} entry is populated.
686720

687-
If the request is not a well-formed _GraphQL-over-HTTP request_, or it does not
688-
pass validation, then the server SHOULD reply with `400` status code.
689-
690-
If the client is not permitted to issue the GraphQL request then the server
691-
SHOULD reply with `403`, `401` or similar appropriate status code.
692-
693721
Note: When the response media type is `application/graphql-response+json`,
694722
clients can rely on the response being a well-formed _GraphQL response_
695723
regardless of the status code. Intermediary servers may use the status code to
@@ -717,7 +745,7 @@ For example a POST request body of `{"qeury": "{__typename}"}` (note: typo) or
717745
shape for `variables`).
718746

719747
A request that does not constitute a well-formed _GraphQL-over-HTTP request_
720-
SHOULD result in status code `400` (Bad Request).
748+
SHOULD result in status code `422` (Unprocessable Content).
721749

722750
##### Document parsing failure
723751

@@ -729,20 +757,20 @@ code `400` (Bad Request).
729757
##### Document validation failure
730758

731759
If a request fails _GraphQL validation_, the server SHOULD return a status code
732-
of `400` (Bad Request) without proceeding to GraphQL execution.
760+
of `422` (Unprocessable Content) without proceeding to GraphQL execution.
733761

734762
##### Operation cannot be determined
735763

736764
If [GetOperation()](<https://spec.graphql.org/draft/#GetOperation()>) raises a
737765
_GraphQL request error_, the server SHOULD NOT execute the request and SHOULD
738-
return a status code of `400` (Bad Request).
766+
return a status code of `422` (Unprocessable Content).
739767

740768
##### Variable coercion failure
741769

742770
If
743771
[CoerceVariableValues()](<https://spec.graphql.org/draft/#CoerceVariableValues()>)
744772
raises a _GraphQL request error_, the server SHOULD NOT execute the request and
745-
SHOULD return a status code of `400` (Bad Request).
773+
SHOULD return a status code of `422` (Unprocessable Content).
746774

747775
##### Field errors encountered during execution
748776

0 commit comments

Comments
 (0)