So say I find that I’m getting requests to my web application that are

Question

0

Asked: June 17, 20262026-06-17T17:04:47+00:00 2026-06-17T17:04:47+00:00

So say I find that I’m getting requests to my web application that are

0

So say I find that I’m getting requests to my web application that are obviously SQL injection attacks or similar. I write a short test to check request variables for “naughty” strings. If I find one, what code ought I to respond with?

I’m thinking of returning “403 Forbidden” and no content, but I’m not sure.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-17T17:04:48+00:00

Editorial Team

2026-06-17T17:04:48+00:00Added an answer on June 17, 2026 at 5:04 pm

I would think 403 Forbidden means that the resource shouldn’t be accessed.

I’d thus use 400 Bad Request instead. After all, the user is allowed to the page so long as they’re making a legitimate request.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

So say I find that I’m getting requests to my web application that are

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply