CiviMail - throw 400 (Bad Request) rather than 500 (Server Error) if public url endpoints hit with bad parameters
Overview
Urls for CiviMail public endpoints like civicrm/mailing/open
have a few required parameters, identifying the user / url etc. How should we handle if params aren't valid?
Current behaviour
Current standard behaviour Civi-wide for missing/invalid params is a CRM_Core_Exception
, which in turn results in a 500 server error.
Proposed behaviour
I think a 400 Bad Request error is more appropriate, for the "public" CiviMail links in particular.
Comments
It also helps with detecting and blocking spammy click behaviour, which I've seen with random permutations of parameters and things like this.