Errors sent as 200 reponse payloads

[axelboc]

When a back-end error occurs inside some endpoints, the server still responds with 200, with the error trace as body.

I last experienced this in #1354: an error was thrown in the signout function and the front-end wasn't aware of it. This was the body of the response:

This kind of error is detected only when the front-end needs to read the response body; otherwise it's just ignored and nothing gets logged to the console since it's a 200 response.

---

This kind of server error should result in 500 - Internal Server Error responses.

[elmjag]

Another details here is that front-end probably does not check the Content-Type header of the responses. It just tries to parse this response as JSON.

For each response, the front-end should check that:

• status code is 200
• the Content-Type is application/json

and only then try to parse the reply as JSON.

Right now we just get these cryptic errors in the console, when it tries to parse the traceback text as JSON.

[axelboc]

You are very much right. The status code is checked obviously, since anything else than 200 throws a fetch error, but the Content-Type doesn't seem to be checked before JSON.parse() is called.

EDIT: fixed in #1365