On Tue, Aug 17, 2010 at 7:33 PM, John Panzer <jpan...@google.com> wrote: > Is there any legit reason other than jsonp specifically?
Protected resource authors are slack and are not going to read the spec. That might not be a great reason, but it's not a bad one either. The other reason people get funny with these status codes has to do with browser behavior. Sometimes browsers react in funny ways to funny HTTP status codes. To be on the safe side, developers tend to return an HTTP 200 with whatever they want the user to see. The last reason is that servers fail, and instead of returning the error they meant to return they serve up a bit of static HTML that says, more or less, "Whoa. That sucked." _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
