One, 1xx message
This type of status code, on behalf of which the request has been accepted, needs to continue processing.
This type of response is a temporary response that contains only the status line and some optional response header information and ends with a blank line.
Because no 1XX status codes are defined in the HTTP/1.0 protocol, the server prohibits sending a 1xx response to such clients unless under some experimental conditions.
These status codes represent a response that is informational and identifies other actions that the customer should take.
- The Continue client should continue to send the request. This temporary response is used to inform the client that some of its requests have been received by the server and are still not rejected. The client should continue to send the remainder of the request, or ignore the response if the request has been completed. The server must send a final response to the client after the request is complete. the 101 Switching Protocols Server has understood the client's request and will notify the client through the upgrade message header to use a different protocol to complete the request. After the last empty line of the response is sent, the server switches to those protocols defined in the upgrade message header. : Similar measures should be taken only when switching to a new protocol is more beneficial. For example, switching to a new HTTP version is more advantageous than an older version, or switching to a real-time, synchronized protocol to deliver resources that exploit this type of feature. 102 processing 2518) The extended status code, on behalf of processing, will be continued execution.
Second, 2xx success
This type of status code indicates that the request has been successfully received, understood, and accepted by the server.
$The OK request was successful and the requested response header or data body will be returned with this response. 201The Created request has been implemented, and a new resource has been created according to the request, and its URI has been returned with the location header information. If the required resources cannot be created in time, they should be returned'202 Accepted'. 202the Accepted server has accepted the request but has not yet processed it. As it may be rejected, the request may or may not be executed at the end. In the case of asynchronous operation, there is no more convenient way to send this status code. : The purpose of a response that returns a 202 status code is to allow the server to accept requests from other processes, such as a batch-based operation that executes only once a day, without having the client remain connected to the server until the batch operation is complete. Responses that accept requests for processing and return a 202 status code should include in the returned entity some information indicating the processing of the current state, as well as pointers to processing status monitors or state predictions so that the user can estimate whether the operation has completed. 203non-authoritative The information Server has successfully processed the request, but the returned entity header meta-information is not a valid set on the original server, but a copy from a local or a third party. The current information may be a subset or a superset of the original version. For example, metadata that contains resources may cause the original server to know the superset of meta information. It is not necessary to use this status code, and it is appropriate only if the response does not use this status code to return a number of OK. 204the no content server successfully processed the request, but did not need to return any entity content and wanted to return the updated meta information. The response may return new or updated meta information in the form of an entity header. If the header information exists, it should be echoed with the requested variable. If the client is a browser, then the user's browser should keep the page that sent the request without any changes in the document view, even if the new or updated meta information by specification should be applied to the document in the user's browser's active view. Because the 204 response is forbidden to contain any message bodies, it always ends with the first empty line after the message header. 205the Reset content Server successfully processed the request and did not return any content. However, unlike the 204 response, a response that returns this status code requires the requestor to reset the document view. The response is primarily used to accept user input and immediately resets the form so that the user can easily start another input. As with the 204 response, the response is also suppressed to contain any message bodies and ends with the first empty line after the message header. 206Partial Content Server has successfully processed some get requests. HTTP download tools such as FlashGet or Thunderbolt are used to implement a breakpoint continuation or to decompose a large document into multiple download segments for download at the same time. The request must contain the range header information to indicate the scope of content that the client wishes to receive and may contain an if-range to use as the request condition. The response must contain the following header fields: Content-range is used to indicate the range of content returned in this response, and if Content-type is a multi-segment download for multipart/byteranges, the Content-range field should be included in each multipart segment to indicate the content scope of this paragraph. If the response contains content-Length, then its value must match the true number of bytes of the content range it returns. Date ETag and/or content-Location , if the same request should return a 200 response. Expires, Cache-Control, and/or vary, if the value may be different than the value of the other response of the same variable as before. If this response request uses the IF-range Strong cache validation, this response should not contain other entity headers, if the request for this response uses if-range Weak cache validation, this response prohibits the inclusion of other entity headers, which avoids inconsistencies between the cached entity content and the updated entity header information. Otherwise, this response should contain all the entity header fields that should be returned in the 200 response. If the ETag or last-modified the header does not match exactly, the client cache should prevent the content returned by the 206 response from being combined with any previously cached content. Any range and content not supported-the cache of range headers suppresses the content returned by caching 206 responses. 207multi-Status by WebDAV (RFC2518The extended status code, which represents the following message body, will be an XML message, and may contain a series of independent response codes, depending on the number of previous child requests.
Third, 3xx redirection
This type of status code represents the need for the client to take further action to complete the request. Typically, these status codes are used for redirection, and subsequent request addresses (redirected targets) are indicated in the location domain of the response.
The user's browser can automatically submit required subsequent requests without user intervention, when and only if the method used by subsequent requests is get or head. The client should automatically monitor for Infinite loop redirection (ex: a→b→c→ ...). →a or A→a), because this causes a large amount of unnecessary resource consumption for the server and the client. The browser should not automatically access more than 5 redirects, as recommended by the Http/1.0 Edition specification.
-multiple Choices The requested resource has a range of available feedback information, each with its own specific address and browser-driven negotiation information. The user or browser is able to choose a preferred address to redirect itself. Unless this is a head request, the response should include an entity with a list of resource attributes and addresses so that the user or browser can choose the most appropriate redirect address. This entity is formatted by the content-is determined by the format defined by the type. The browser may automatically make the most appropriate choice based on the format of the response and the ability of the browser itself. Of course, the RFC 2616 specification does not specify how such an automatic selection should proceed. If the server itself already has the preferred feedback option, the URI of the feedback should be indicated in the location, which the browser may use as the address for automatic redirection. In addition, this response is cacheable unless otherwise specified. 301Moved permanently The requested resource has been permanently moved to a new location, and any future references to this resource should use one of several URIs returned by this response. If possible, clients that have link editing capabilities should automatically modify the requested address to the address returned from the server. Unless otherwise specified, the response is cacheable. The new permanent URI should be returned in the location domain of the response. Unless this is a head request, the response entity should contain a hyperlink to the new URI and a short description. If this is not a get or head request, the browser disables automatic redirection unless the user confirms it, because the requested condition may vary. Note: For some use of HTTP/1. 0 protocol browsers, when they send a POST request to get a 301 response, the next redirect request will become a get mode. 302Found requested resources are now temporarily responding to requests from different URIs. Because such redirects are temporary, the client should continue to send subsequent requests to the original address. Only in the cache-when specified in control or expires, the response is cacheable. The new temporary URI should be returned in the location domain of the response. Unless this is a head request, the response entity should contain a hyperlink to the new URI and a short description. If this is not a get or head request, then the browser disables automatic redirection unless the user confirms it, because the requested condition may vary. Note: Although the RFC 1945 and RFC 2068 specifications do not allow the client to change the method of the request during redirection, many existing browsers treat the 302 response as a 303 response, and use get to access the URI specified in the location, ignoring the method originally requested. Status Codes 303 and 307 are added to clarify how the server expects the client to react. 303See and the response to the current request can be found on another URI, and the client should access that resource in a get way. This method exists primarily to allow the output of the POST request that is activated by the script to redirect to a new resource. This new URI is not an alternative reference to the original resource. Meanwhile, a 303 response is forbidden to be cached. Of course, a second request (redirect) may be cached. The new URI should be returned in the location domain of the response. Unless this is a head request, the response entity should contain a hyperlink to the new URI and a short description. Note: Many HTTP/1the previous browsers of version 1 did not correctly understand the 303 status. If you need to consider the interaction with these browsers, the 302 status code should be competent, because most browsers handle 302 response in the way that the above specification requires the client to handle the 303 response should be done. 304not Modified If the client sends a conditional GET request and the request has been allowed, and the contents of the document (since the last time it was accessed or based on the requested condition) have not changed, the server should return the status code. The 304 response suppresses the inclusion of the message body, so it always ends with the first empty line after the message header. The response must contain the following header information: Date, unless the server does not have a clock. If a server without a clock follows these rules, then the proxy server and the client can add the Date field to the received response header (as specified in RFC 2068), and the caching mechanism will work correctly. ETag and/or content-Location , if the same request should return a 200 response. Expires, Cache-Control, and/or vary, if the value may be different than the value of the other response of the same variable as before. If this response request uses strong cache authentication, then this response should not contain other entity headers, otherwise (for example, a conditional GET request uses weak cache validation), this response prohibits the inclusion of other entity headers, which avoids inconsistencies between the cached entity content and the updated entity header information. If a 304 response indicates that the current entity does not have a cache, the caching system must ignore the response and repeat the request with no restrictions. If you receive a 304 response that requires a cache entry to be updated, the cache system must update the entire entry to reflect all the values of the fields that were updated in the response. 305Use proxy The requested resource must be accessed through the specified proxy. The URI information for the specified proxy is given in the location domain, and the recipient needs to send a separate request repeatedly to access the resource. Only the original server can create a 305 response. Note: There is no explicit 305 response in RFC 2068 to redirect a single request and can only be created by the original server. Ignoring these restrictions can lead to serious security consequences. 306Switch Proxy in the latest version of the specification, the 306 status code is no longer being used. 307temporary Redirect The requested resource is now temporarily responding to requests from different URIs. Because such redirects are temporary, the client should continue to send subsequent requests to the original address. Only in the cache-when specified in control or expires, the response is cacheable. The new temporary URI should be returned in the location domain of the response. Unless this is a head request, the response entity should contain a hyperlink to the new URI and a short description. Because some browsers do not recognize the 307 response, you need to add the necessary information above so that users can understand and make access requests to the new URI. If this is not a get or head request, then the browser disables automatic redirection unless the user confirms it, because the requested condition may vary.
Four, 4xx client error
This type of status code indicates that the client may appear to have an error that prevents the server from processing. Unless the response is a head request, the server should return an entity that interprets the current error condition, and whether this is a temporary or permanent condition. These status codes apply to any request method. The browser should display to the user any entity content contained in such an error response.
If the client is transmitting data when an error occurs, the server implementation using TCP should carefully ensure that the client has received a packet containing the error message before shutting down the connection between the client and the server. If the client continues to send data to the server after receiving the error message, the server's TCP stack sends a reset packet to the client to clear all unrecognized input buffers for that client so that the data is not read by the application on the server and interferes with the latter.
-Bad request cannot be understood by the server because it contains a syntax error. Unless modified, the client should not submit the request repeatedly. 401unauthorized the current request requires user authentication. The response must contain a WWW that applies to the requested resourceThe-authenticate information header is used to inquire about user information. The client can repeatedly submit a request that contains the appropriate authorization header information. If the current request already contains the authorization certificate, the 401 response indicates that the certificate has been rejected by the server authentication. If the 401 response contains the same authentication query as the previous response, and the browser has tried at least one validation, the browser should show the user the entity information contained in the response, because the entity information may contain related diagnostic information. See RFC2617. 402Payment Required The status code is reserved for possible future requirements. 403The Forbidden server has understood the request, but refuses to execute it. Unlike the 401 response, authentication does not provide any help, and the request should not be repeated. If this is not a head request, and the server wants to be able to explain why the request cannot be executed, then the reason for the rejection should be described within the entity. Of course the server can also return a 404 response if it does not want the client to get any information. 404not Found request failed and the requested resource was not found on the server. No information can tell the user whether the situation is temporary or permanent. If the server knows the situation, it should use the 410 status code to tell the old resources because of some internal configuration mechanism problems, has been permanently unavailable, and there is no jump to the address. 404 This status code is widely used when the server does not want to reveal exactly why the request was rejected or if no other appropriate response is available. 405method not allowed the request methods specified in the request line cannot be used to request the appropriate resource. The response must return an allow header to indicate a list of request methods that the current resource can accept. Because the Put,delete method writes to resources on the server, most Web servers do not support or do not allow the above request method under the default configuration, and 405 errors are returned for such requests. 406The content attribute of the resource requested by not acceptable cannot satisfy the condition in the request header, so the response entity cannot be generated. Unless this is a head request, the response should return an entity that contains the most appropriate entity attributes and address lists that the user or browser can choose from. The format of the entity is made up of content-the media type defined in the type header is determined. The browser can make the best choice based on its format and ability. However, the specification does not define any criteria for making such automatic selections. 407The proxy authentication Required is similar to the 401 response, except that the client must authenticate on the proxy server. The proxy server must return a proxy-authenticate is used for identity questioning. The client can return a Proxy-authorization message header for verification. See RFC2617. 408requests Timeout request timed out. The client does not complete a request in the time the server is waiting to be sent. The client can submit the request again at any time without making any changes. 409Conflict The request cannot be completed because there is a conflict between the current state of the requested resource and the request. This code is only allowed to be used in situations where the user is considered to be able to resolve the conflict and will resubmit the new request. The response should contain enough information for the user to discover the source of the conflict. Conflicts usually occur in the processing of put requests. For example, in a version-checking environment, where the version information that accompanies a put-submitted modification request for a specific resource conflicts with one of the previous (third-party) requests, the server should return a 409 error informing the user that the request could not be completed. At this point, it is likely that the response entity will contain a diff comparison between the two conflicting versions, so that the user can resubmit the new version after merging. 410Gone The requested resource is no longer available on the server and has no known forwarding address. Such a situation should be considered permanent. If possible, a client with link editing should remove all references to this address after obtaining the user's permission. If the server does not know or is unsure whether the condition is permanent, then the 404 status Code should be used. Unless otherwise noted, the response is cacheable. 410 The purpose of the response is primarily to help the site administrator maintain the site, informing the user that the resource is no longer available, and that the server owner wants all remote connections that point to the resource to be deleted. Such events are common in time-limited and value-added services. Similarly, a 410 response is used to notify the client that a resource that was originally owned by a person is no longer available on the current server site. Of course, it is necessary to mark all resources that are permanently unavailable as'410 Gone', and whether you need to keep this tag for a long time, depends entirely on the server owner. 411Length Required Server rejected in no content definedAccept the request in case of a-length header. A valid content-that indicates the length of the request message body is addedafter the length header, the client can submit the request again. 412precondition The Failed server failed to satisfy one or more of the prerequisites when validating the prerequisite in the header field of the request. This status code allows the client to set the prerequisites in the requested meta-information (Request header field data) when acquiring the resource, to prevent the request method from being applied to resources other than what it wants. 413Request Entity Too The Large server refuses to process the current request because the size of the entity data submitted by the request exceeds the scope that the server is willing or able to handle. In this case, the server can close the connection to prevent the client from continuing to send this request. If this condition is temporary, the server should return a retry-after the response header to tell the client how much time it can retry later. 414request-The URI Too long requests a URI length that exceeds the length that the server can interpret, so the server refuses to serve the request. This is rare, and typically includes a form submission that should use the Post method as a Get method, which causes the query string to be too long. REDIRECT uri "Black Hole", for example, each redirect takes the old Uri as part of the new URI, resulting in a long URI after several redirects. The client is trying to exploit a security vulnerability in some servers to attack the server. This type of server uses a fixed-length buffer to read or manipulate the requested URI, and when the get parameter exceeds a certain value, a buffer overflow may result, resulting in arbitrary code being executed [1]. A server that does not have such a vulnerability should return a 414 status code. 415unsupported Media Type for the currently requested method and the requested resource, the entity submitted in the request is not a supported format in the server and therefore the request is rejected. 416requested range not satisfiable if a range request header is included in the request and any data range specified in range does not coincide with the current resource's available range, and the request does not define an if-Range request header, the server should return a 416 status code. If range uses a byte range, this is the case where the first byte position of all data ranges specified by the request exceeds the current resource's length. The server should also return a 416 status code with a content-range the entity header to indicate the length of the current resource. This response is also forbidden to use multipart/byteranges as its content-Type. 417expectation Failed The expected content specified in the request header expect cannot be satisfied by the server, or the server is a proxy server, it has obvious evidence that the contents of the expect are not satisfied on the next node of the current route. 418I'm a teapotThis opcode was in 1998 as the IETF's traditional April Fools joke, in RFC2324The hypertext coffee Pot is defined in the control protocol and does not need to be defined in a real HTTP server. 421There is too many connections from your Internet address the number of connections from the current client's IP address to the server exceeds the maximum range of server licenses. Typically, the IP address here refers to the client address seen from the server (such as the user's gateway or proxy server address). In this case, the calculation of the number of connections may involve more than one end user. 422The unprocessable Entity request is well-formed, but cannot respond because of a semantic error. (RFC4918WebDAV)423Locked The current resource is locked. (RFC4918WebDAV)424Failed Dependency The current request failed due to a previous request, such as Proppatch. (RFC4918WebDAV)425Unordered Collection is defined in the WebDAV advanced collections draft, but does not appear in the WebDAV sequence set protocol (RFC3658). 426Upgrade Required Client should switch to TLS/1.0。 (RFC2817)449Retry with Microsoft extensions, on behalf of the request should be retried after performing the appropriate operation.
Five, 5xx server error
This type of status code indicates that the server has an error or an abnormal state in the process of processing the request, or that the server is aware that the processing of the request cannot be completed with the current hardware and software resources. Unless this is a head request, the server should contain an explanatory information entity that interprets the current error state and whether the condition is temporary or permanent. The browser should show the user any entities that are contained in the current response.
These status codes apply to any response method.
-The Internal Server Error Server encountered an unexpected condition that caused it to be unable to complete the processing of the request. In general, this problem occurs when the server's code is wrong. 501the not implemented server does not support a feature that is required for the current request. When the server does not recognize the requested method and cannot support its request for any resource. 502Bad Gateway receives an invalid response from the upstream server when it tries to execute the request as a gateway or as a proxy working server. 503Service Unavailable The server is currently unable to process requests due to temporary server maintenance or overloading. This situation is temporary and will be resumed after a certain period of time. If the delay time can be estimated, then the response can contain a retryThe-after head is used to indicate this delay time. If this retry-is not givenAfter information, the client should handle it in a manner that handles 500 responses. 504Gateway Timeout fails to receive a response from the upstream server (the server that the URI identifies, such as HTTP, FTP, LDAP), or a secondary server (such as DNS) when it attempts to execute the request as a gateway or a proxy-working server. Note: Some proxy servers return 400 or 500 errors in DNS query timeout505The HTTP version not supported server does not support or refuses to support HTTP versions that are used in the request. This implies that the server cannot or does not want to use the same version as the client. The response should contain an entity that describes why the version is not supported and which protocols the server supports. 506Variant Also negotiates by the Transparent Content negotiation Protocol (RFC)2295) extension, there is an internal configuration error on behalf of the server: The requested negotiation meta-resource is configured to use itself in transparent content negotiation, so it is not an appropriate focus in a negotiation process. 507the insufficient Storage server cannot store the content necessary to complete the request. The situation is considered to be temporary. WebDAV (RFC4918)509The Bandwidth limit exceeded server has reached bandwidth throttling. This is not an official status code, but is still widely used. 510not Extended the policies needed to get resources are not met.
HTTP Status Code Collection