> When sending an HTTP GET or HEAD request to LinkedIn for a specific profile [...]<p>> It will also be returned if there are too many HTTP requests in a single day. This is similar to the HTTP 429 Too Many Requests error message.<p>Similar? That is excatly what 429 was made for, or not? This is weird or just lazy.
The page explaining all the codes should make it clear that using status code 999 is a bad idea.<p>One reason why it's bad is because it violates RFC 2616 (§6.1.1):<p><pre><code> The first digit of the Status-Code defines the class of response.
The last two digits do not have any categorization role.
There are 5 values for the first digit:
- 1xx: Informational - Request received, continuing process
- 2xx: Success - The action was successfully received,
understood, and accepted
- 3xx: Redirection - Further action must be taken in order to
complete the request
- 4xx: Client Error - The request contains bad syntax or cannot
be fulfilled
- 5xx: Server Error - The server failed to fulfill an apparently
valid request</code></pre>
This is super unprofessional. 999 means nothing, therefore it cannot be acted upon, therefore it is totally useless. Best description which I can come up with is "I don't like you and I won't say why, because I don't like you".<p>The expected client behavior is sending in return an empty http post request with wtf header and value "I feel this server is passive aggressive towards me."
I am wondering if it might have been chosen as a joke... 999 is a homonym for the German "nein, nein, nein" (no, no, no), which is rather fitting for a "go away" status code.
Nginx has a similar unofficial code 444 - which just closes without any other information and it's super helpful. 999 OTOH feels like you're just too lazy to use the correct response though.<p>Edit: I should not that while you're using it in your Nginx config, you're not _actually_ returning it to the client. That's a fairly important distinction, and I think makes it more appropriate than the 999 thing.
I’m going to bet that every 999 could be defined more accurately using an existing code.<p>For me, if the server cannot specifically tell you what kind of error happened, it’s by definition a 500.<p>My API is internal, but it’s been nice to consider, “all 500-level errors are my team’s problem to fix or represent more accurately as a 400-level.”
Reminds me of a similar one that only Shopify uses <a href="https://http.dev/430" rel="nofollow noreferrer">https://http.dev/430</a><p>It says it’s deprecated but we still get them from their API from time to time.
I've never realized that http status 999 was a thing. I've often used 401 to tell user something similar to "denied"...which i get is different in that "unauthorized" (for 401) is the <i>browser</i> telling the user, while i suppose 999 would be the server telling the client to tell the user a generic "denied"...so there's a difference there, but a little nuanced i suppose. I guess TIL.
I am getting 999 even in a browser, what the fuck<p><a href="http://www.linkedin.com/in/filwiese" rel="nofollow noreferrer">http://www.linkedin.com/in/filwiese</a>
This is just <i>wrong and bad</i>.<p>The uses described should very clearly be 403 Forbidden where it’s refusing to respond based on user-agent, and 429 Too Many Requests where it’s rate limiting.<p>The spec says <<a href="https://www.rfc-editor.org/rfc/rfc9110#section-15-6" rel="nofollow noreferrer">https://www.rfc-editor.org/rfc/rfc9110#section-15-6</a>>:<p>> <i>Values outside the range 100..599 are invalid. Implementations often use three-digit integer values outside of that range (i.e., 600..999) for internal communication of non-HTTP status (e.g., library errors). A client that receives a response with an invalid status code SHOULD process the response as if it had a 5xx (Server Error) status code.</i><p>So, the spec declares it invalid, and its suggested handling yields the wrong semantics (server rather than client error).<p>Given the notes they have on things like 430, I’m astonished at them not noting the problems with this code.
Has anyone pointed out that in the UK 999 is the emergency number (like 911 in the US). So "999 Request Denied" sounds like a public safety issue to someone who doesn't speak tech. Make it 998 if you must.