Should a WebAPI Precondition check occur after entity validation?

136 views Asked by At

RFC 7232 Section 3.4 Says the following:

Except when excluded below, a recipient cache or origin server MUST evaluate received request preconditions after it has successfully performed its normal request checks and just before it would perform the action associated with the request method. A server MUST ignore all received preconditions if its response to the same request without those conditions would have been a status code other than a 2xx (Successful) or 412 (Precondition Failed).

My API will perform entity validation before it calls to persist it to the DB. This could cause the server to reply with a 422 (or other 4xx).

Likewise, my validation layer could pass and the DB validation could fail (some bug where I don't check foreign keys, maybe) and this would raise a 5xx.

If I read the RFC correctly, any response that I could anticipate like my validations which would return 4xx should occurr before I check the precondition. Is that right?

But my actual exceptions (probably returning 5xx) can't be prechecked.

0

There are 0 answers