validation - What comes first: Permission or validity check? -


i building rest api , cannot decide check first: input validity or permissions. imagine user tries post invalid date endpoint not allowed access. should response 403 unauthorized or 400 bad request?

furthermore: there "official" spec describes , reasons why 1 lean 1 or other?


Comments

Popular posts from this blog

c++ - Difference between pre and post decrement in recursive function argument -

php - Nothing but 'run(); ' when browsing to my local project, how do I fix this? -

php - How can I echo out this array? -