alt Hacker News> A 500 error is almost never "just you".
I know you added the defensive "almost" but if I had a dollar each time I saw a 500 due to the session cookies being sent by the client that made the backend explode - for whatever root cause - well, I would have a fatter wallet.
Replies
xnorswap • today at 3:17 PM
Indeed, and also there's a special circle of hell reserved for anyone who dares change the interface on a public API, and forgets about client caching leading to invalid requests but only for one or two confused users in particular.
Bonus points if due to the way that invalid requests are rejected, they are filtered out as invalid traffic and don't even show up as a spike in the application error logs.
Depending on what you mean by "made the backend explode", that is a server error, so 500 is correct!
Bad input should be a 4xx, but if the server can't cope with it, that's still a 5xx.