You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The intent of the New Session algorithm (as made clear in step 2) is for a failure to create a session to result in an error of "session not created" being returned. My belief is that all implementations follow this expected behaviour.
However, a close reading of the spec shows that step 4 of the main algorithm "tries" to process the capabilities. There are several paths through this algorithm that cause an "invalid argument" to be returned, which, given the way that Step 4 is written, will bubble back to the end user.
The simplest fix is to indicate that the returned "invalid parameter" is passed back as the "data" section of the "session not created" error, which allows the information to be returned to the user in a meaningful way. The alternative is to allow two kinds of error to be returned by the algorithm, but this will break expected results and widespread implementations.
Opening this to the floor for discussion, but I am happy to write up the decision we take.
The text was updated successfully, but these errors were encountered:
After discussion, the suggested way forward is to ensure we return "session not created", but to include information about the "invalid parameter" in the "data" section of the response.
The intent of the New Session algorithm (as made clear in step 2) is for a failure to create a session to result in an error of "session not created" being returned. My belief is that all implementations follow this expected behaviour.
However, a close reading of the spec shows that step 4 of the main algorithm "tries" to process the capabilities. There are several paths through this algorithm that cause an "invalid argument" to be returned, which, given the way that Step 4 is written, will bubble back to the end user.
The simplest fix is to indicate that the returned "invalid parameter" is passed back as the "data" section of the "session not created" error, which allows the information to be returned to the user in a meaningful way. The alternative is to allow two kinds of error to be returned by the algorithm, but this will break expected results and widespread implementations.
Opening this to the floor for discussion, but I am happy to write up the decision we take.
The text was updated successfully, but these errors were encountered: