6

I'm looking through an advanced, security related Ruby on Rails tutorial and it's talking about 422 HTTP responses as "the client submitted request was well formed but semantically invalid". I have also seen the latter part rendered as 'semantic errors' or 'semantically erroneous'.

In the example given this was due to Rails checking for an authenticity token, but I significantly feel there is a lot more to the HTTP response.

I would be particularly grateful for a canonical definition from an established community member as to what 'semantically invalid/errors/erroneous' means. What is the general rule that makes a request well formed but not semantically valid?

2 Answers2

9

A 422 (unprocessable entity) status code is given to indicate that the server understood the request, but could not process the logic.

It can be used to indicate things like logic problems (e.g. you asked for an invalid date range to filter on), and validation issues (e.g. you didn't specify a title - which is required). "Semantic error" in this case simply means "logic error".

This distinguishes it from things like lack of permissions (401 or 403 is more appropriate), and also from a generic 400 status which can indicate that the server couldn't understand the request (i.e. it was a malformed request).

gwcodes
  • 5,632
  • 1
  • 11
  • 20
  • 1
    If it's well formed is that not logical? Am I being too English language? –  Apr 03 '17 at 22:40
  • 1
    To build onto this with an analogy to language, just as a question can be syntactically valid but semantically invalid ("is the book unemployed?"), so can a web request. – Robert Nubel Apr 03 '17 at 22:40
  • Well formed = conforms to your API specification. That is quite different from valid logic – gwcodes Apr 03 '17 at 22:41
  • I understand and am amused by the literary example, but I don't understand how it applies to the tech –  Apr 03 '17 at 22:41
  • @gwcodes so it applies everything the API asks for but... [?] –  Apr 03 '17 at 22:42
  • @RailsKiddie: let's look at a really simple example. I have a GET endpoint that let's you query articles between a `to` and `from` date range. It expects two integer (timestamp) parameters. If you were to send a request without either parameter, I would return `400` - you didn't follow my instructions, so your _syntax_ is wrong. If you sent a request where `from` was _less than_ `to`, then we have a _semantic_ error. Technically everything is valid, but your query makes no logical sense. – gwcodes Apr 03 '17 at 22:47
  • Ah, so it basically means that to the API it would make sense, but to established standards it doesn't, right? –  Apr 03 '17 at 22:49
  • 1
    Yes, I guess so. Here's another way of looking at it - the status code that you return can help users to troubleshoot any errors. If I get a `400`, I need to look at the structure of what I'm requesting. If I get a `401`, then I need to check my authorisation keys. If I get a `422`, I should check the _values_ that I'm sending, because the server is indicating that they don't make sense (from the perspective of the application logic) – gwcodes Apr 03 '17 at 22:57
  • Thank you @gwcodes These codes can be very tricky and tough to distinguish. This makes a lot of sense, usually, ppl throw a generic 400 and 404 for almost everything. – Tanzim Chowdhury Jul 13 '22 at 16:42
1

I got this particular semantic error while posting resources into the database via postman.

After clean examination of the payload which I am sending, I found that the Json payload is not having the correct format that Database schema is expecting. For example, I am having one value as string instead of an array of strings in my payload. Later it got posted successfully with 201 response.

Dheeraj
  • 332
  • 3
  • 4