Origin of the 419 status code for token exceptions #45247
Unanswered
voidgraphics
asked this question in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Just had a quick conversation with Ben Ramsey about the 419 status code returned by Laravel when encountering token exceptions.
He brings up a good point that choosing this code seemingly arbitrarily can cause issues if the IETF ever decides to use that code for something else within the official HTTP spec.
While this is probably unlikely, and the widespread use of Laravel today would probably cause the IETF to consider not using this code in order to avoid causing problems with a lot of Laravel apps, it could technically still happen.
I do not have a solution to suggest, nor do I think this is particularly something that needs to change in the framework now, but it did get me to think about this, and now I'm wondering how we could possibly ever choose a status code that can be considered "safe" and "future-proofed" with a system like this one.
Do we know the story behind @taylorotwell's decision to use that code (I'm assuming he chose it in the early days of the framework)? Was it just randomly chosen, or is there an actual way to make a good or a bad choice in this regard?
Thanks for reading, please share your thoughts!
Beta Was this translation helpful? Give feedback.
All reactions