Hi all! I have a liberator newbie question: I am using liberator together with formidable and I have a sign up form which after validating the fields would lead to an account entry creation. However I would like to flash the validation errors on the same form if not correct so the user tries again. Any idea what is the right handler for this. I tried a few but without success plus conceptual dont seem right to me (like processable and malformed)

I would say return a 401 Unauthorized. Which means the :authorized? decision

@bostonaholic thanks for your answer. I am wondering if thats the right way cause the error can be that the user didnt fill in the name for instance. Is this unauthorised? Or malformed?

could be

seems like personal preference to me

https://tools.ietf.org/html/rfc7235#section-3.1

I might agree that not sending a required field is 400

ok, thank you!

Personally I'd prefer 422 because the form data in the request body is the entity that cannot be processed. But 400 is also wildly considered ok.

422 is another good option

By the words of the specification 400 is for request that are malformed on the network/encoding level but 422 is not in core http but only in webdav. Key advantage of using 422 is that you can interpret 400 as a software error (malformed JSON) and 422 as an application layer problem (invalid field value). The former is hardly fixable for the user, the latter is.