1xx message
This type of Status Code indicates that the request has been accepted and must be processed. This type of response is a temporary response. It only contains the status line and some optional response header information and ends with a blank line. Because no 1xx status code is defined in HTTP/1.0, the server prohibits sending 1xx responses to such clients unless in some test conditions. These status codes indicate that the responses are informative and indicate other actions that the customer should take.
-
100 continue
-
The client should continue sending requests. This temporary response is used to notify the client that some of its requests have been received by the server and have not been rejected. The client should continue to send the remaining part of the request, or ignore this response if the request has been completed. The server must send a final response to the client after the request is complete.
-
101 switching protocols
-
The server has understood the client request and will use the upgrade message header to notify the client to use different protocols to complete the request. After sending the final blank line of the response, the server will switch to the protocols defined in the upgrade message header. : Similar measures should be taken only when switching to a new protocol is more advantageous. For example, switching to a new HTTP Version is more advantageous than the old version, or switching to a real-time and synchronous protocol to transmit resources that utilize such features.
-
102 Processing
-
The Status Code extended by WebDAV (RFC 2518) indicates that the processing will continue.
2XX successful
This type of Status Code indicates that the request has been successfully received, understood, and accepted by the server.
-
200 OK
-
The request is successful, and the desired response header or data body will be returned with this response.
-
201 created
-
The request has been implemented, and a new resource has been created based on the request requirements, and its Uri has been returned with the location header information. If the required resources cannot be created in a timely manner, the system should return '202 accepted '.
-
202 accepted
-
The server has accepted the request but has not yet processed it. As it may be rejected, the request may or may not be executed. In the case of asynchronous operations, there is no more convenient way than sending this status code. : A 202 status code response is returned to allow the server to accept requests from other processes (for example, a batch-based operation that is executed only once a day ), the client does not have to be connected to the server until all batch operations are completed. Responses that accept request processing and return status code 202 should include some information indicating the processing of the current status in the returned entity, as well as a pointer to the processing status monitor or status prediction, this allows you to determine whether the operation has been completed.
-
203 non-authoritative information
-
The server has successfully processed the request, but the returned object header metadata is not a valid set on the original server, but a copy from a local or a third party. The current information may be a subset or superset of the original version. For example, metadata containing resources may cause the original server to know the superset of metadata. This status code is not required, and it is appropriate only when the response does not use this status code and 200 OK is returned.
-
204 NO content
-
The server successfully processes the request, but does not need to return any entity content and wants to return the updated metadata. The response may return new or updated metadata in the form of an object header. If such header information exists, it should echo the requested variable.
-
If the client is a browser, the user's browser should keep the page that sent the request without any changes in the document view, even if the new or updated metadata according to the specifications should be applied to the documents in the user browser activity view.
-
Because the 204 response is forbidden to contain any message body, it always ends with the first blank line after the message header.
-
205 reset content
-
The server successfully processes the request and does not return any content. However, unlike the 204 response, the response that returns this status code requires the requester to reset the document view. This response is mainly used to reset the form immediately after receiving user input, so that the user can easily start another input.
-
Like the 204 response, the response is also forbidden to contain any message body and ends with the first blank line after the message header.
-
206 partial content
-
The server has successfully processed some GET requests. HTTP download tools similar to flashget or thunder use this type of response to achieve resumable upload or split a large document into multiple download segments for simultaneous download.
-
The request must contain the range header to indicate the content range that the client wants and may contain if-range as the request condition.
-
The response must contain the following header fields:
- Content-range indicates the range of content returned in this response. If the Content-Type is multipart/byteranges, each multipart segment should contain the content-range field to indicate the content range of this segment. If the response contains Content-Length, its value must match the actual number of bytes in the returned content range.
- Date
- Etag and/or content-location. If the same request is sent, the system returns the 200 response.
- Expires, cache-control, and/or vary, if the value may be different from the value corresponding to other responses of the same variable.
-
If the response request uses the IF-range strong cache verification, the response should not contain other entity headers. If the Response Request uses the IF-range weak cache verification, this response prohibits the inclusion of other object headers. This prevents inconsistency between the cached object content and the updated object header information. Otherwise, this response should contain all entity header fields that should be returned in the 200 response.
-
If the etag or last-modified header cannot be exactly matched, the client cache should prohibit the combination of the 206 response returned content and any previously cached content.
-
Any cache that does not support the range and content-range headers prohibits the caching of the content returned by the 206 response.
-
207 multi-status
-
The Status Code extended by WebDAV (RFC 2518) indicates that the subsequent message body is an XML message and may contain a series of independent response codes based on the number of previous subrequests.
3xx redirection Status Code indicates that the request can be completed only after the client takes further operations. These status codes are usually used for redirection, and subsequent request addresses (redirection targets) are specified in the location domain of this response.
If the method used for subsequent requests is get or head, the user's browser can automatically submit the required subsequent requests without user intervention. The client should automatically monitor infinite loop redirection (for example, a → B → C → ...... → A or a → A), because this will cause a large amount of unnecessary resource consumption on the server and client. According to the HTTP/1.0 standard, the browser should not automatically access the redirection for more than five times.
-
300 multiple choices
-
The requested resource has a series of optional feedback information, each of which has its own specific address and browser-driven deliberation information. Users or browsers can select a preferred address for redirection.
-
Unless this is a head request, the response should include an entity in the list of resource features and addresses, so that the user or browser can select the most appropriate redirection address from it. The format of this object is determined by the format defined by Content-Type. The browser may automatically make the most appropriate choice based on the response format and the browser's own capabilities. Of course, the RFC 2616 specification does not specify how to perform such automatic selection.
-
If the server already has the preferred feedback option, you should specify the URI of the feedback in location. The browser may use this location value as the automatically redirected address. In addition, this response can be cached unless otherwise specified.
-
301 moved permanently
-
The requested resource has been permanently moved to a new location. In the future, any reference to this resource should use one of the several Uris returned in this response. If possible, clients with the link editing function should automatically change the requested address to the address returned from the server. This response can be cached unless otherwise specified.
-
The new permanent URI should be returned in the response location domain. Unless this is a head request, the response entity should contain hyperlinks and brief descriptions pointing to the new Uri.
-
If this is not a get or head request, the browser prohibits automatic redirection unless it is confirmed by the user because the request conditions may change.
-
Note: For Some browsers that use the HTTP/1.0 protocol, when the post requests they send receive a 301 response, the next redirect request will become the get method.
-
302 found
-
The requested resource now temporarily responds to the request from different Uris. As such redirection is temporary, the client should continue to send future requests to the original address. This response can be cached only when cache-control or expires is specified.
-
The new temporary URI should be returned in the response location domain. Unless this is a head request, the response entity should contain hyperlinks and brief descriptions pointing to the new Uri.
-
If this is not a get or head request, the browser prohibits automatic redirection unless it is confirmed by the user because the request conditions may change.
-
Note: Although RFC 1945 and RFC 2068 do not allow the client to change the request method during redirection, many existing browsers regard the 302 response as a 303 response, in addition, the get method is used to access the URI specified in location, regardless of the original request method. Status Codes 303 and 307 are added to specify the response that the server expects from the client.
-
303 see other
-
The response corresponding to the current request can be found on another Uri, and the client should use the get method to access that resource. This method is mainly used to allow the POST request output activated by the script to be redirected to a new resource. This new URI is not an alternative reference to the original resource. At the same time, 303 of responses are forbidden from being cached. Of course, the second request (redirection) may be cached.
-
The new URI should be returned in the response location domain. Unless this is a head request, the response entity should contain hyperlinks and brief descriptions pointing to the new Uri.
-
Note: Many browsers earlier than HTTP/1.1 cannot correctly understand the 303 status. If you need to consider interaction with these browsers, the 302 status code should be competent, because most browsers handle the 302 response in exactly the way that the above specifications require the client to handle the 303 response.
-
304 not modified
-
If the client sends a GET request with a condition and the request has been allowed, and the content of the document (since the last access or according to the condition of the request) has not changed, the server should return this status code. 304 the response is forbidden to contain the message body. Therefore, it always ends with the first blank line after the message header.
-
The response must contain the following header information:
- Date, unless the server has no clock. If a server without a clock complies with these rules, the proxy server and the client can add the date field to the received Response Header (as specified in RFC 2068 ), the cache mechanism will work normally.
- Etag and/or content-location. If the same request should have returned a 200 response.
- Expires, cache-control, and/or vary, if the value may be different from the value corresponding to other responses of the same variable.
-
If this Response Request uses strong cache verification, this response should not contain other entity headers; otherwise (for example, a conditional GET request uses weak cache verification ), this response prohibits the inclusion of other object headers. This avoids inconsistency between cached object content and updated object header information.
-
If a 304 response indicates that an object is not cached, the cache system must ignore the response and repeatedly send requests that do not contain restrictions.
-
If a 304 response is received to update a cache entry, the cache system must update the entire entry to reflect the values of all the fields updated in the response.
-
305 use proxy
-
The requested resource can be accessed only through the specified proxy. The specified proxy URI is provided in the location field. The receiver must send a separate request to access the corresponding resource. Only the original server can establish a 305 response.
-
Note: RFC 2068 does not specify that the 305 response is to redirect a separate request and can only be created by the original server. Ignoring these limits may cause serious security consequences.
-
306 switch proxy
-
In the latest specification, status code 306 is no longer in use.
-
307 temporary redirect
-
The requested resource now temporarily responds to the request from different Uris. As such redirection is temporary, the client should continue to send future requests to the original address. This response can be cached only when cache-control or expires is specified.
-
The new temporary URI should be returned in the response location domain. Unless this is a head request, the response entity should contain hyperlinks and brief descriptions pointing to the new Uri. Because some browsers cannot recognize 307 responses, you need to add the necessary information so that users can understand and send access requests to new Uris.
-
If this is not a get or head request, the browser prohibits automatic redirection unless it is confirmed by the user because the request conditions may change.
4xx request Error
This type of Status Code indicates that an error may occur on the client, which hinders server processing. Unless a head request is returned, the server should return an entity that interprets the current error and whether it is temporary or permanent. These Status Codes apply to any request method. The browser should show users any entity content contained in such error responses.
If the client is transmitting data when an error occurs, the TCP server implementation should carefully ensure that the client has received a packet containing the error message before closing the connection between the client and the server. If the client continues to send data to the server after receiving the error message, the TCP stack of the server will send a reset packet to the client to clear all the unknown input buffers of the client, this prevents the data from being read by the application on the server and interfering with the latter.
-
400 bad request
-
The current request cannot be understood by the server due to a syntax error. The client should not submit this request again unless it is modified.
-
401 unauthorized
-
The current request requires user authentication. The response must contain a WWW-Authenticate header for the requested resource to ask for user information. The client can submit a request that contains the appropriate authorization header information. If the current request already contains the authorization certificate, then the 401 response indicates that the server authentication has rejected those certificates. If the 401 response contains the same authentication request as the previous response, and the browser has tried verification at least once, the browser should display the entity information contained in the response to the user, this entity information may contain diagnostic information. See RFC 2617.
-
402 payment required
-
This status code is reserved for future potential needs.
-
403 Forbidden
-
The server has understood the request but refused to execute it. Different from 401 responses, authentication cannot provide any help and the request should not be submitted repeatedly. If this is not a head request and the server wants to clarify why the request cannot be executed, the reason for rejection should be described in the entity. Of course, the server can also return a 404 response, if it does not want the client to obtain any information.
-
404 not found
-
Request failed. The requested resource is not found on the server. No information can tell the user whether the situation is temporary or permanent. If the server knows the situation, it should use the 410 status code to inform the old resource that it is permanently unavailable due to some internal configuration mechanism problems, and there is no jump address. 404 this status code is widely used when the server does not want to reveal why the request is rejected or no other suitable response is available.
-
405 method not allowed
-
The request method specified in the request line cannot be used to request resources. The response must return an allow header to indicate a list of request methods that the current resource can accept.
-
The put and delete Methods write resources on the server. Therefore, most Web servers do not support the put and delete methods, or the above request methods are not allowed in the default configuration, for such requests, error 405 is returned.
-
406 not acceptable
-
The content characteristics of the requested resource cannot meet the conditions in the Request Header, so the response entity cannot be generated.
-
Unless this is a head request, the response should return an object that contains the entity that allows the user or the browser to select the most appropriate entity feature and address list. The format of an object is determined by the media type defined in the Content-Type header. The browser can make the best choice based on the format and its own capabilities. However, the specification does not define any criteria for making such automatic choices.
-
407 proxy authentication required
-
Similar to the 401 response, the client must perform authentication on the proxy server. The proxy server must return a proxy-authenticate for identity inquiry. The client can return a proxy-Authorization Header for verification. See RFC 2617.
-
408 request timeout
-
Request timeout. The client did not complete sending a request within the waiting time of the server. The client can submit this request again at any time without any changes.
-
409 conflict
-
The request cannot be completed because of a conflict with the current status of the requested resource. This code can only be used in this case: the user is considered to be able to resolve the conflict, and a new request will be submitted again. The response should contain sufficient information for the user to find the source of the conflict.
-
A conflict usually occurs in the processing of put requests. For example, in a version check environment, the version information contained in a put request to modify a specific resource conflicts with a previous (third-party) request, in this case, the server should return a 409 error, notifying the user that the request cannot be completed. In this case, the response entity may include a comparison between two conflicting versions, so that you can resubmit the new versions after merging.
-
410 gone
-
The requested resource is no longer available on the server and there is no known forwarding address. Such a situation should be considered permanent. If possible, clients with the link editing function should delete all references pointing to this address after obtaining the user's permission. If the server does not know or cannot determine whether the condition is permanent, the 404 status code should be used. This response can be cached unless otherwise specified.
-
410 The purpose of the response is to help the website administrator maintain the website and notify the user that the resource is no longer available, and the server owner wants all remote connections pointing to the resource to be deleted. Such events are common in time-limited and value-added services. Similarly, the 410 response is used to notify the client on the current server site that resources belonging to a certain person are no longer available. Of course, whether you need to mark all permanently unavailable resources as '100 gone' and how long it will take to keep it depends entirely on the server owner.
-
411 length required
-
The server rejects the request without defining the Content-Length header. After a valid Content-Length header indicating the length of the Request Message Body is added, the client can submit the request again.
-
412 precondition failed
-
The server fails to meet one or more of the prerequisites in the request header field. This status code allows the client to set the prerequisites in the requested metadata (request header field data) when obtaining resources, this prevents the request method from being applied to resources other than the desired content.
-
413 Request Entity too large
-
The server rejects the current request because the size of the physical data submitted by the request exceeds the scope that the server is willing to or can handle. In this case, the server can close the connection to prevent the client from sending this request.
-
If this condition is temporary, the server should return a retry-after response header to tell the client how long it will take to retry.
-
414 request-URI Too Long
-
The length of the request URI exceeds the length that the server can interpret. Therefore, the server rejects the request. This is rare. The common situations include:
- The form submission using the POST method is changed to the get method, resulting in the query string being too long.
- Redirection Uri "black hole". For example, the old URI is used as a part of the new URI each time, resulting in a long URI after several redirection.
- The client is attempting to use security vulnerabilities on some servers to attack the server. These servers use fixed-length buffer read or operation request Uris. When the get parameter exceeds a certain value, a buffer overflow may occur, resulting in arbitrary code execution [1]. Servers that do not have such vulnerabilities should return status code 414.
-
415 unsupported media type
-
For the current request method and requested resources, the entity submitted in the request is not in the format supported by the server, so the request is rejected.
-
416 requested range not satisfiable
-
If the request contains a range request header, and any data range specified in the range does not overlap with the available range of the current resource, and the request does not define the IF-range request header, the server should return the 416 status code.
-
If range uses a byte range, this means that the first byte location of all data ranges specified by the request exceeds the length of the current resource. The server should also contain a content-range object header while returning the 416 status code to specify the length of the current resource. This response is also forbidden to use multipart/byteranges as its content-type.
-
417 expectation failed
-
The expected content specified in the request header cannot be met by the server, or the server is a proxy server, which has obvious evidence that it is on the next node of the current route, the content of CT cannot be satisfied.
-
418 I'm a teapot
-
This operation code is a traditional Fool joke of IETF in 1998, in RFC 2324
Hypertext coffee pot Control ProtocolDoes not need to be defined in the real HTTP server.
-
421 There are too functions connections from your Internet address
-
The number of connections from the IP address of the current client to the server exceeds the maximum permitted range of the server. Generally, the IP address here refers to the client address (such as the user's gateway or proxy server address) seen on the server ). In this case, the number of connections may involve more than one end user.
-
422 unprocessable entity
-
The request format is correct, but the request cannot be responded due to semantic errors. (RFC 4918 WebDAV)
-
423 locked
-
The current resource is locked. (RFC 4918 WebDAV)
-
424 failed dependency
-
The current request failed due to an error in a previous request, such as proppatch. (RFC 4918 WebDAV)
-
425 unordered collection
-
Defined in the draft WebDAV advanced collections, but not found in the WebDAV sequence set protocol (RFC 3658.
-
426 upgrade required
-
The client should switch to TLS/1.0. (RFC 2817)
-
449 retry
-
By Microsoft extension, requests should be retried after appropriate operations are performed.
5xx Server Error
This type of Status Code indicates that an error or exception occurs when the server processes the request, or the server may realize that the current hardware and software resources cannot process the request. Unless this is a head request, the server should contain an entity that interprets the current error status and whether the situation is temporary or permanent. The browser should show the User Any entity contained in the current response.
These Status Codes apply to any response method.
-
500 Internal Server Error
-
The server encountered an unexpected situation, causing it to fail to process the request. Generally, this issue occurs when the server program crashes.
-
501 not implemented
-
The server does not support a function required by the current request. When the server cannot identify the Request Method and cannot support its requests to any resource.
-
502 Bad Gateway
-
When a gateway or proxy server tries to execute a request, it receives an invalid response from the upstream server.
-
503 service unavailable
-
The server cannot process requests because of temporary server maintenance or overload. This situation is temporary and will be restored after a period of time. If you can predict the delay time, the response can contain a retry-after header to indicate the delay time. If this retry-after information is not provided, the client should process it in the form of 500 response.
-
504 gateway timeout
-
When a server that works as a gateway or proxy attempts to execute a request, it fails to promptly access the upstream server (the server identified by the URI, such as HTTP, FTP, LDAP) or the secondary server (such as DNS) receive the response.
-
Note: Some proxy servers will return error 400 or 500 when DNS query times out.
-
505 HTTP Version Not Supported
-
The server does not support or rejects the HTTP Version Used in the request. This implies that the server cannot or does not want to use the same version as the client. The response should contain an entity that describes why the version is not supported and what protocols the server supports.
-
506 variant also negotiates
-
Extended by transparent content negotiation protocol (RFC 2295), it indicates that the server has an internal configuration error: the requested negotiated variable resource is configured to be used in transparent content negotiation, therefore, it is not a proper focus in a negotiation process.
-
507 insufficient storage
-
The server cannot store the content required to complete the request. This situation is considered temporary. WebDAV (RFC 4918)
-
509 bandwidth limit exceeded
-
The server reaches the bandwidth limit. This is not an official status code, but it is still widely used.
-
510 not extended
-
The policies required for obtaining resources are not met. (RFC 2774)