EXPLANATION
1xx Informational Codes
100 Continue Server Code
100
continue server code basically means ‘Business as usual’. Essentially
it relates to the fact that the request being made by the user is good
and that the server is to continue with the request. This is only a
temporary response code while the user waits for the final response code
from the server, which occurs once the last data packet is sent.
When
might this be used? – This is an internal code and sometimes it doesn’t
even get generated if the user has already received some data from the
server already. It’s kind of like saying that to the server that the
connection is good and the door is open. Send in the data but don’t
forget to close the door when you are done (with the final response
code).
101 Switching Protocols
This
is one of the simplest of the server error codes and it means the user
has made a request to switch the type of protocols used on the web
server and the server has agreed to do so.
When might this be
used? – When switching to a new HTTP version from an older style
protocol to a newer style that may be cleaner or have newer features.
This is only done if it is in the best interest for the protocol to do
so. i.e. an upgraded HTTP version is available.
102 Processing
As
a WebDAV (Transfer Protocol) request may contain not just one request
but lots of sub-requests involving file operations and it may take a
long time to complete the request.
When might this be used? – This
code is generated to indicate to the user that the server has received
and is processing the request, but no response is available yet as it is
taking time due to the nature of the request. This means that the
client doesn’t time out automatically because it won’t assume the
request was lost and that it should expect data soon.
2xx Success
This class of status codes indicates the action requested by the client
was received, understood, accepted and processed successfully – job
done!
200 OK
This
code is probably the most widely used and known, conversely, it is
probably the least seen due to its very nature. It basically means that
the exchange between the user and the server is complete and everything
went as it should.
When might this be used? – Ideally all the time!
201 Created
The
request has been fulfilled and resulted in a new resource being
created. For example, a request from the user has resulted in the
creation of a new resource, like a new page. The origin server must
create the resource before sending the 201 code. If the resource cannot
be generated at that time then the server should show a 202 (accepted)
code instead.
202 Accepted
The
request has been accepted for processing, but the processing has not
been completed for whatever reason. The request may or may not
eventually be acted upon depending on whether it is disallowed when
processing actually takes place.
When might this be used? – When
the server cannot complete the request at the time it is made. The
response is intentionally non-committal as it is simply used to stop the
user from persisting with the request for a 201 code when the server
cannot complete the action there and then.
203 Non-Authoritative Information
The
server successfully processed the request, but is returning information
that may be from a third party source rather than the original server.
It is pretty much identical to a 200 code in nature, but indicated the
source is not from the requested server.
When might this be used? –
This code may be used in place of 200 when the sender has a reason to
believe that the information in the response’s entity headers is
different from what the origin server would send.
204 No Content
Not
ideal. This code is a response sent by the server to say that the
request was received and understood but there is no data to send back to
the user. This is mainly to allow for scripts without changing the
document at the same time. This code must not contain a message body and
is included in the first empty line of code after the header fields.
When
might this be used? – The code is primarily given to allow for input or
actions to take place without causing changes to the user agent’s
active view, although any new information should be applied to the
document currently in view.
205 Reset Content
The
server successfully processed the request, but is not returning any
content. Unlike a 204 response, this response requires that the
requester reset the document view.
When might this be used? – This
is usually seen when a user completes a form and the server sends a
request to the browser to clear the form. It is similar to a 204 code
but asks the user to reset the document view after completion, for
example clearing an HTML form after submission.
206 Partial Content
The
server is delivering only part of the resource due to a range header
sent by the client. This is usually used by advanced caching tools when
the user only requests part of or a small section of content on a page
and the server responds by showing only that selection.
When might
this be used? – This code is usually given as a result of an If-Range
request that is used in a strong cache validator. The request is also
required to include the range header area, which is used to set the
parameters for what content is displayed.
207 Multi-Status
The
message body that follows is an XML message and can contain a number of
separate response codes, depending on how many sub-requests were made.
3xx Redirection
This
class of status code indicates that further action needs to be taken by
the user agent to complete the request. The action may be carried out
by the user or may include a different request to the server.
300 Multiple Choices
Very
basically, this code tells the user that the resource has been moved
and the server responds with a list of alternate location options where
the user agent can select the most appropriate resource.
When
might this be used? – Typically this might be seen when the server
thinks that the URL provided by the user (i.e. the browser) is not
specific enough and further selection needs to be made from additional
choices. This usually happens where a URL is requested that is for a
high level directory where a user must select the specific file to
access.
301 Moved Permanently
This
is a hugely common and widely used request. It means that requests for
that resource and all future requests should be directed to the new
given URI.
When might this be used? – When a page no longer exists
or a link provided from a third party is ‘broken’ or incomplete. The
301 response tells the user that the given resource is moved to the
stated source (usually handled in the .htaccess file on apache servers).
302 Found
This
code essentially tells the user that the location of the resource that
was requested has been temporarily moved to a new location and the 302
response should include the new location the user should request.
When
might this be used? – This has quite a few uses, many of which are not
what the code was originally intended for. It was originally intended as
a primary way of creating a temporary redirect; however there are other
ethical and unethical uses for these codes.
303 See Other
This
code indicates to the user that the requested resource can be found at a
URL other than the one requested. It doesn’t mean that anything has
been moved necessarily it is just specifying the address where the
response should be requested.
When might this be used? – This
method exists primarily to allow the output of a POST-activated script
to redirect the user agent to a selected resource.
304 Not Modified
This
code means that the user has requested a document/resource only if it
has been modified since the last cache date of the document stored by
the user.
When might this be used? – If the response from the
server says that the documents’ If-Modified-Since or If-Match is the
same as that of the cached copy that the user has a cached version of
there is no need to re-send the resource and thus a 304 Not modified
code is used.
305 Use Proxy
This
code tells the user that access to the requested resource is only
available through a proxy which is specified in the response.
When
might this be used? – This code is often presented in relation to
security considerations that govern access to the requested URL
resources.
306 Switch Proxy
This code originally meant “Subsequent requests should use the specified proxy” but is no longer used and is reserved.
307 Temporary Redirect
This
code is returned when a resource is temporarily available at a
different URL which is also returned. There is little difference between
this and a 302 code other than that this code was created as a less
ambiguous version of the 302.
When might this be used? – In much
the same ways as he 302 code and the user should continue to request the
original URL for future requests or until a new response code is
applied.
4xx Client Error
The
4xx class of status code is intended for cases in which the client
seems to have made a mistake or the location never existed/no longer
exists but is yet to have a 3xx code applied. These status codes are
applicable to any request method.
400 Bad Request
The request cannot be fulfilled due to bad syntax.
When
might this be used? – When the user requests information but in doing
so disobeys the rules regarding the hypertext transfer protocol. The
request should not be repeated without modification to the syntax.
401 Unauthorized
This
code is in relation to a request for a resource that requires user
authentication. A 401 response indicates that the authorisation had been
refused for the credentials that the user provided.
When might this be used? – When the user makes a server request using the wrong credentials (username and/or password)
402 Payment Required
Reserved
for future use. However the original intention was that this code might
be used as part of some form of digital cash or micropayment scheme,
but that has not happened, and this code is not usually used.
When
might this be used? – Apple’s old MobileMe service generated a 402
error if the MobileMe account was misusing the service. In addition,
YouTube uses this status if a particular IP address has made excessive
requests, and requires the person to enter a CAPTCHA.
403 Forbidden
The user is attempting to request a resource that it does not have access to and authentication will not change this.
When
might this be used? – Basically, if the user’s request is valid but the
server doesn’t allow access to the resource for some reason. Usually
because the resource is not meant for public access.
404 Not Found
We
all know what these are right? This means that the resource requested
cannot be found but may be accessible in the future. Subsequent requests
by the client are permissible; however in most cases a 3xx code is
applied to redirect the resource to the present the user with an
alternate location or resource.
When might this be used? – Quite
often when a page is removed or a link to an old page is left without a
3xx redirect. Usually in this case a custom page is generated through
the server error handling code that will show the user a standard 404
error page.
405 Method Not Allowed
The
method by which you are making your resource request is not allowed.
E.g. Using GET on a form which requires data to be presented via POST,
or using PUT on a read-only resource.
When might this be used? –
405 errors are presented in relation to particular objects on a web site
that is requested, for example the request line on a script is
different to that of the user request that is asking to use the script.
406 Not Acceptable
The
requested resource is only able to generate content that is not
acceptable to that of the Accept headers in the request itself. The
browser can indicate to the server the data characteristics that the
data will accept from the server.
When might this be used? – If
the file format of the resource requested is not in a format that the
user is capable of understanding. We are talking about coding language
here not French!
407 Proxy Authentication Required
Similar
to a 401 code, a 407 code means that the client must first authenticate
itself with the proxy. To do this and pass authentication the proxy
must return a Proxy-Authenticate header field that meets the challenge
presented by the server.
When might this be used? – When the
server thinks that the data request from the client was correct but
access to the resource is only available through a proxy server
authentication. Typically a log in challenge on a proxy server first.
408 Request Timeout
The server timed out waiting for the request from the user that failed to respond in the time allowed by the server.
When
might this be used? – According to W3 HTTP specifications: “The client
did not produce a request within the time that the server was prepared
to wait. The client MAY repeat the request without modifications at any
later time.”
409 Conflict
Indicates that the request could not be processed because of conflict in the request, such as an edit conflict.
When
might this be used? – You may receive this code when uploading a file
to a web server that is older than the one already there causing a
conflict in version control.
410 Gone
Indicates
that the resource requested is no longer available and will not be
available again either through deletion or access removal. The user
should not make a request for this location again.
When might this
be used? – If a resource is no longer available at the server and no
forwarding address is known and the server does not know or is unable to
tell if the 404 code should be used.
411 Length Required
The request did not specify the length of its content, which is required by the requested resource.
When
might this be used? – The browser did not define the requested
content’s length in the request header. The server won’t accept a
request without a valid Content-Length header field.
412 Precondition Failed
The
server does not meet one of the preconditions that the requester put on
the request. In other words; one or more of the request headers
responded with a ‘false’ attribute.
When might this be used? – If
the header request that is making a valid request of the resource that
specific request is not acceptable for that specific resource.
413 Request Entity Too Large
A 413 code is presented when the request that was sent to the server is larger than the server is willing or able to process.
When
might this be used? – When using the POST method on a form the content
is larger than the server can process due to constraints either
physically or by design.
414 Request-URI Too Long
This code it given by a server when the URL requested by the user is longer than the server is bale to process.
When
might this be used? – When a POST request is converted to a GET
request. A POST request allows for unlimited amounts of data to be sent
by tagging it to the request itself; however if this request were to be
converted into a GET request then the request allows the form data to be
appended to the URL, which can make it longer than is accepted.
415 Unsupported Media Type
A
415 response is sent to indicate that a server has noticed that part of
the request was made in an unsupported format that the server is
expecting based on requested resource.
When might this be used? –
When the request didn’t specify any media types that the resource or
server supports. For example, the user requests an image with a file
extension that the server doesn’t support. The server knows what is
being asked for but it doesn’t understand the format that it is being
asked to provide the resource.
416 Requested Range Not Satisfiable
This
response code is presented to the user when a request for a portion of
the resource is requested when that portion cannot be supplied.
When
might this be used? – When the server is asked for the XXX – YYY bytes
of a resource but the resource is smaller than that of the request.
417 Expectation Failed
The server cannot meet the requirements of the Expect request-header field.
When
might this be used? – Quite self-explanatory; One of the request
headers sent to the server, the ‘Expect’ header indicated an expectation
that the server could not meet.
418 I’m a teapot
This
code was defined in 1998 as one of the traditional IETF April Fools’
jokes, in RFC 2324, Hyper Text Coffee Pot Control Protocol, and is not
expected to be implemented by actual HTTP servers.
When might this be used? – For a nerdy laugh almost 15 years ago.
422 Unprocessable Entity
The request was well-formed but was unable to be followed due to semantic errors.
When
might this be used? – This error condition may occur if an XML request
body contains well-formed (i.e., syntactically correct), but
semantically erroneous, XML instructions.
423 Locked
The
resource that is being accessed is locked. The lock must be released or
proper identification given before the resource can be accessed.
When might this be used? – When the resource is exactly that. Locked. Usually for security.
424 Failed Dependency
Indicates
the method was not executed on a particular resource within its scope
because some part of the method’s execution failed causing the entire
method to be aborted.
425 Unordered Collection
This
code is presented when a resource is defined in drafts of “WebDAV
Advanced Collections Protocol”, but not present in “Web Distributed
Authoring and Versioning Ordered Collections Protocol”.
426 Upgrade Required
This code will be reported to the user when it should switch to a different, newer protocol.
When might this be used? – Usually when a browser is using older protocols than that of the server handling the requests.
428 Precondition Required
The
origin server requires the request to be conditional. Intended to
prevent “the ‘lost update’ problem, where a client GETs a resource’s
state, modifies it, and PUTs it back to the server, when meanwhile a
third party has modified the state on the server, leading to a
conflict.”
When might this be used? – By requiring requests to be
conditional, the server can ensure that clients are working with the
correct copies. If they aren’t, the user will receive a 428 code.
429 Too Many Requests
This is a response set by the server in an attempt to limit request rates.
When might this be used? – When the user has sent too many requests in a given amount of time this code is reported.
431 Request Header Fields Too Large
The
server is unwilling to process the request because either an individual
header field, or all the header fields collectively, are too large.
When
might this be used? – Basically, when the request header from the user
is larger than the server is able or willing to handle. The request may
be resubmitted after reducing the size of the request header fields.
444 No Response
Used in Nginx logs to indicate that the server has returned no information to the client and closed the connection.
When might this be used? – Usually used as a deterrent to malware.
449 Retry With (Microsoft)
A Microsoft extension that states a request should be retried after performing the appropriate action.
When
might this be used? – This code is often generated when a set of
parameters are not appropriate to the action requested. Usually in a
custom application or basic search engine.
450 Blocked by Windows Parental Controls (Microsoft)
A
Microsoft extension. This error is given when Windows Parental Controls
are turned on and are blocking access to the given webpage.
When
might this be used? – When parents (who know about this feature) use
parental control and access id being requested to a blocked resource.
Bad kids!
451 Unavailable For Legal Reasons
“A
New HTTP Status Code for Legally-restricted Resources” .Intended to be
used when resource access is denied for legal reasons, e.g. censorship
or government-mandated blocked access.
5xx Server Error
The server failed to fulfil an apparently valid request.
These
server responses are often shown when the user makes a request that the
server is incapable of completing for whatever reason. The server
should include a message for the browser to display to the user, showing
the code and explaining whether or not the error is temporary or
permanent.
500 Internal Server Error
A 500 Error message is a generic error message that is given when no more specific message is suitable.
When
might this be used? – When a resource or link is created on the server
(like a calendar resource in a booking system) that technically doesn’t
exist as a link or an accessible resource yet appears as a link to the
user.
501 Not Implemented
The server either does not understand the request method, or it doesn’t have the ability to complete the request.
When
might this be used? – You may see this when the server doesn’t support
the normal request protocols such as GET, OPTIONS, HEAD and POST etc.
502 Bad Gateway
A
502 response is shown when the server was acting as a gateway or proxy
and received an invalid response from the upstream server.
When
might this be used? – Usually when the upstream server and the
proxy/gateway do not agree on the protocols in the request and as a
result generate an error when exchanging data.
503 Service Unavailable
The server is currently unavailable because it is overloaded or down for maintenance. Generally, this is a temporary state.
When might this be used? – When a site is experiencing a high level of demand that its servers cannot handle.
504 Gateway Timeout
When exchanging data with a proxy/gateway server the gateway fails to respond to a request in the pre-defined timeframe.
When might this be used? – When using a proxy/gateway server to exchange data and the two servers are waiting for responses.
505 HTTP Version Not Supported
The server does not support the HTTP protocol version used in the request.
When
might this be used? – Exactly as it says above! When the HTTP protocol
is older than the server likes and no longer supports.
506 Variant Also Negotiates
This
indicates that the server has an internal configuration issue and a
transparent content negotiation for the request that has no end point.
When might this be used? – When the server is not set up correctly to handle the request and a negotiation loop ensues.
507 Insufficient Storage
The server is unable to store the data from the user needed to complete the request fully.
When
might this be used? – When the server is already at capacity and the
user makes a request for a resource that the server has stored. The
issue is that the server does not have the storage to store the data
that is sent in the request to then send the requested resource.
509 Bandwidth Limit Exceeded
This
status code, while used by many servers, is not specified in any RFCs
and requires the correct implementation on apache servers.
When
might this be used? – When the correct extension is implemented to an
apache server and bandwidth set by the ISP is soon to be exceeded. There
are different threshold settings to chose from.
510 Not Extended
Further extensions to the request are required for the server to complete the request.
When might this be used? – When the server requires more information from the request than is given.
511 Network Authentication Required
The
user needs authentication to gain network access. Intended for use by
intercepting proxies that control access to the network.
When
might this be used? – When the user is required to agree to Terms of
Service before granting full Internet access via a Wi-Fi hotspot or
third party network.
Loads aren’t there! I hope this list is a
useful resource to you all and if I have missed any off (I think there
are one or two that are completely useless or so out of date that I
don’t know of them) please feel free to add them in the comments section
below. Please share this post with your colleagues as it might help
them too!
Image Credits:
503 Service Unavailable.
The server is currently unable to handle the request due to a
temporary overloading or maintenance of the server. The implication is
that this is a temporary condition which will be alleviated after some
delay. If known, the length of the delay MAY be indicated in a
Retry-After header. If no Retry-After is given, the client SHOULD handle
the response as it would for a 500 response.
Note: The existence of
the 503 status code does not imply that a server must use it when
becoming overloaded. Some servers may wish to simply refuse the
connection.
SOURCE
https://www.restapitutorial.com/httpstatuscodes.html