On 18/08/2010, at 3:57 PM, Brian Eaton wrote: > On Tue, Aug 17, 2010 at 7:33 PM, John Panzer <jpan...@google.com> wrote: >> Is there any legit reason other than jsonp specifically? > > Protected resource authors are slack and are not going to read the > spec. That might not be a great reason, but it's not a bad one > either. > > The other reason people get funny with these status codes has to do > with browser behavior. Sometimes browsers react in funny ways to > funny HTTP status codes. To be on the safe side, developers tend to > return an HTTP 200 with whatever they want the user to see.
Can you give concrete examples, please? What browsers do what exactly, under what circumstances? > The last reason is that servers fail, and instead of returning the > error they meant to return they serve up a bit of static HTML that > says, more or less, "Whoa. That sucked." > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth -- Mark Nottingham http://www.mnot.net/ _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
