My server returns a 403 forbidden error when a user tries to access a resource that they do not have access to. Along with the header, the server also writes a short message describing the error.
In Firefox, the error message displays well and the user knows what is going on.
In Internet Explorer, the message is hidden and replaced by 403 forbidden standard error pages.
Are there any specific rules that allow me to display an error message in all browsers while still setting the status to 403 Forbidden?
Here is the RFC information about this status:
The server understood the request, but refuses to fulfill it. Authorization will not help, and the request MUST NOT be repeated. If the request method was not HEAD, and the server wants to disclose why the request was not completed, it SHOULD describe the reason for the denial in a legal entity. If the server does not want to make this information available to the client, the status code is 404 (not found) instead.
It seems I should install the message, but IE just won't display it.
source
share