故意发送403响应

时间:2016-06-29 16:41:00

标签: http http-status-code-403

我检查过的网站会在检测到可疑行为后暂时禁止用户。目前,用户被退回到具有最小UI的页面,并且消息告诉他们他们的访问被拒绝。

此页面当前返回的响应代码为200,我即将将其更改为403,因为我相信这有助于提醒垃圾邮件机器人他们已被阻止。

因此,简而言之,页面将保持原样,功能不会改变,只有响应代码将从200改变为> 403。

这是可取的还是我可能会导致我没有预料到的问题?

1 个答案:

答案 0 :(得分:0)

根据403的定义,对我来说听起来很合理:

10.4.4 403 Forbidden

   The server understood the request, but is refusing to fulfill it.
   Authorization will not help and the request SHOULD NOT be repeated.
   If the request method was not HEAD and the server wishes to make
   public why the request has not been fulfilled, it SHOULD describe the
   reason for the refusal in the entity.  If the server does not wish to
   make this information available to the client, the status code 404
   (Not Found) can be used instead.