|
|
|
|
|
|
by dylan604
441 days ago
|
|
|
by default, make the thing return a 400 Invalid Request for any request that did not fit exactly what you are expecting. That at least lets you focus on ensuring the data that you are expecting is sane/valid/safe. Undocumented features will eventually bite you, and are loaded footguns, especially if your QA team doesn't know about the undocumented features. |
|
|