[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: New to lua, web framework?
- From: Javier Guerra Giraldez <javier@...>
- Date: Wed, 6 Oct 2010 14:03:24 -0500
On Wed, Oct 6, 2010 at 1:06 PM, Fabio Mascarenhas <mascarenhas@acm.org> wrote:
>> 403? As in "don't even try, I'm not going to give it to you"
>
> I think this would be a good response to a forged authentication
> token, but is certainly undesirable if the token has just expired. :-)
- 403 is also an appropriate response to a valid token when trying to
access something beyond it's authorization (think normal users trying
to go to an admin-only page)
- an expired toke should (imho) be equivalent to no token at all.
--
Javier
- References:
- New to lua, web framework?, kevin beckford
- Re: New to lua, web framework?, Petite Abeille
- Re: New to lua, web framework?, Philippe Lhoste
- Re: New to lua, web framework?, steve donovan
- Re: New to lua, web framework?, Fabio Mascarenhas
- Re: New to lua, web framework?, Ignacio Burgueño
- Re: New to lua, web framework?, Fabio Mascarenhas
- Re: New to lua, web framework?, Petite Abeille
- Re: New to lua, web framework?, Fabio Mascarenhas