Code |
Meaning |
100 |
The client should continue to send the request. This temporary response is used to inform the client that some of its requests have been received by the server and are still not rejected. The client should continue to send the remainder of the request, or ignore the response if the request has been completed. The server must send a final response to the client after the request is complete. |
101 |
The server has understood the client's request and will notify the client via a upgrade message header that a different protocol is being used to complete the request. After the last empty line of the response is sent, the server switches to those protocols defined in the upgrade message header. Similar measures should be taken only when switching to a new protocol is more beneficial. For example, switching to a new HTTP version is more advantageous than an older version, or switching to a real-time, synchronized protocol to deliver resources that exploit this type of feature. |
102 |
The status code that is extended by WebDAV (RFC 2518), on behalf of processing, will continue to execute. |
200 |
The request was successful, and the desired response header or data body will be returned with this response. |
201 |
The request has been implemented, and a new resource has been established according to the request, and its URI has been returned with the location header information. If the necessary resources cannot be established in time, the ' 202 Accepted ' should be returned. |
202 |
The server has accepted the request but has not yet processed it. As it may be rejected, the request may or may not be executed at the end. In the case of asynchronous operation, there is no more convenient way to send this status code. The purpose of a response that returns a 202 status code is to allow the server to accept requests from other processes, such as a batch-based operation that executes only once a day, without having the client remain connected to the server until the batch operation is complete. Responses that accept requests for processing and return a 202 status code should include in the returned entity some information indicating the processing of the current state, as well as pointers to processing status monitors or state predictions so that the user can estimate whether the operation has completed. |
203 |
The server has successfully processed the request, but the returned entity header meta-information is not a valid set on the original server, but a copy from a local or a third party. The current information may be a subset or a superset of the original version. For example, metadata that contains resources may cause the original server to know the meta information is super. It is not necessary to use this status code, and it is appropriate only if the response does not use this status code to return a number of OK. |
204 |
The server successfully processed the request, but did not need to return any entity content, and wanted to return the updated meta information. The response may return new or updated meta information in the form of an entity header. If the header information exists, it should be echoed with the requested variable. If the client is a browser, then the user's browser should keep the page that sent the request without any changes in the document view, even if the new or updated meta information by specification should be applied to the document in the user's browser's active view. Because the 204 response is forbidden to contain any message bodies, it always ends with the first empty line after the message header. |
205 |
The server successfully processed the request and did not return any content. However, unlike the 204 response, a response that returns this status code requires the requestor to reset the document view. The response is primarily used to accept user input and immediately resets the form so that the user can easily start another input. As with the 204 response, the response is also suppressed to contain any message bodies and ends with the first empty line after the message header. |
206 |
The server has successfully processed a partial GET request. HTTP download tools such as FlashGet or Thunderbolt are used to implement a breakpoint continuation or to decompose a large document into multiple download segments for download at the same time. The request must contain the range header information to indicate the scope of content that the client expects, and may contain if-range to be used as a request condition. The response must contain the following header fields: Content-range is used to indicate the range of content returned in this response, and if Content-type is a multi-segment download for multipart/byteranges, each multipart segment should contain Conten The T-range field is used to indicate the content scope of this paragraph. If the response contains Content-length, then its value must match the true number of bytes of the content range it returns. Date ETag and/or content-location, if the same request should return a 200 response. Expires, Cache-control, and/or Vary, if the value may be different than the value of the other response of the same variable as before. If this response request uses If-range strong cache authentication, then this response should not contain other entity headers, and if the request for this response uses If-range weak cache authentication, then this response prohibits the inclusion of other entity headers, which avoids inconsistencies between the cached entity content and the updated entity header information. Otherwise, this response should contain all the entity header fields that should be returned in the 200 response. If the ETag or last-modified header does not match exactly, the client cache should prevent the content returned by the 206 response from being combined with any previously cached content. Any cache that does not support Range and Content-range headers disables caching of 206 of the responses returned. |
207 |
The status code that is extended by WebDAV (RFC 2518), which represents the following message body, will be an XML message and may contain a series of independent response codes, depending on the number of previous child requests. |
300 |
The requested resource has a range of available feedback information, each with its own specific address and browser-driven negotiation information. The user or browser is able to choose a preferred address to redirect itself. Unless this is a HEAD request, the response should include an entity with a list of resource attributes and addresses so that the user or browser can choose the most appropriate redirect address. The format of this entity is determined by the format defined by Content-type. The browser may automatically make the most appropriate choice based on the format of the response and the ability of the browser itself. Of course, the RFC 2616 specification does not specify how such an automatic selection should proceed. If the server itself already has the preferred feedback option, the URI of the feedback should be indicated in the location, which the browser may use as the address for automatic redirection. In addition, this response is cacheable unless otherwise specified. |
301 |
The requested resource has been permanently moved to a new location, and any future references to this resource should use one of several URIs returned by this response. If possible, clients that have link editing capabilities should automatically modify the requested address to the address returned from the server. Unless otherwise specified, the response is cacheable. The new permanent URI should be returned in the location domain of the response. Unless this is a HEAD request, the response entity should contain a hyperlink to the new URI and a short description. If this is not a GET or HEAD request, the browser disables automatic redirection unless the user confirms it, because the requested condition may vary. Note: For some browsers that use the http/1.0 protocol, when they send a POST request that gets a 301 response, the next redirect request becomes a Get method. |
60W |
The requested resource is now temporarily responding to requests from different URIs. Because such redirects are temporary, the client should continue to send subsequent requests to the original address. This response is cacheable only if specified in Cache-control or expires. The new temporary URI should be returned in the location domain of the response. Unless this is a HEAD request, the response entity should contain a hyperlink to the new URI and a short description. If this is not a GET or HEAD request, then the browser disables automatic redirection unless the user confirms it, because the requested condition may vary. Note: Although the RFC 1945 and RFC 2068 specifications do not allow the client to change the method of the request during redirection, many existing browsers treat the 302 response as a 303 response, and use GET to access the URI specified in the location, ignoring the method originally requested. Status Codes 303 and 307 are added to clarify how the server expects the client to react. |
303 |
The response to the current request can be found on another URI, and the client should access that resource in a GET way. This method exists primarily to allow the output of the POST request that is activated by the script to redirect to a new resource. This new URI is not an alternative reference to the original resource. Meanwhile, a 303 response is forbidden to be cached. Of course, a second request (redirect) may be cached. The new URI should be returned in the location domain of the response. Unless this is a HEAD request, the response entity should contain a hyperlink to the new URI and a short description. Note: Many http/1.1 versions of previous browsers do not correctly understand the 303 status. If you need to consider the interaction with these browsers, the 302 status code should be competent, because most browsers handle 302 response in the way that the above specification requires the client to handle the 303 response should be done. |
304 |
The server should return this status code if the client sends a conditional GET request and the request has been allowed, and the contents of the document (since the last time it was accessed or based on the requested condition) have not changed. The 304 response suppresses the inclusion of the message body, so it always ends with the first empty line after the message header. The response must contain the following header information: Date, unless the server does not have a clock. If a server without a clock follows these rules, then the proxy server and the client can add the Date field to the received response header (as specified in RFC 2068), and the caching mechanism will work correctly. ETag and/or content-location, if the same request should return a 200 response. Expires, Cache-control, and/or vary, if the value may be different than the value of the other response of the same variable as before. If this response request uses strong cache authentication, then this response should not contain other entity headers, otherwise (for example, a conditional GET request uses weak cache validation), this response prohibits the inclusion of other entity headers, which avoids inconsistencies between the cached entity content and the updated entity header information. If a 304 response indicates that the current entity does not have a cache, the caching system must ignore the response and repeat the request with no restrictions. If you receive a 304 response that requires a cache entry to be updated, the cache system must update the entire entry to reflect all the values of the fields that were updated in the response. |
305 |
The requested resource must be accessed through the specified proxy. The URI information for the specified proxy is given in the location domain, and the recipient needs to send a separate request repeatedly to access the resource. Only the original server can establish a 305 response. Note: There is no explicit 305 response in RFC 2068 to redirect a single request and can only be established by the original server. Ignoring these restrictions can lead to serious security consequences. |
306 |
In the latest version of the specification, the 306 status code is no longer in use. |
60R |
The requested resource is now temporarily responding to requests from different URIs. Because such redirects are temporary, the client should continue to send subsequent requests to the original address. This response is cacheable only if specified in Cache-control or expires. The new temporary URI should be returned in the location domain of the response. Unless this is a head request, the response entity should contain a hyperlink to the new URI and a short description. Because some browsers do not recognize the 307 response, you need to add the necessary information above so that users can understand and make access requests to the new URI. If this is not a GET or HEAD request, then the browser disables automatic redirection unless the user confirms it, because the requested condition may vary. |
400 |
1, the semantic error, the current request can not be understood by the server. Unless modified, the client should not submit the request repeatedly. 2, the request parameter is wrong. |
60s |
The current request requires user authentication. The response must contain a Www-authenticate information header for the requested resource to ask for user information. The client can repeatedly submit a request that contains the appropriate Authorization header information. If the current request already contains the Authorization certificate, the 401 response indicates that the certificate has been rejected by the server authentication. If the 401 response contains the same authentication query as the previous response, and the browser has tried at least one validation, the browser should show the user the entity information contained in the response, because the entity information may contain related diagnostic information. See RFC 2617. |
402 |
This status code is reserved for possible future requirements. |
403 |
The server has understood the request, but refuses to execute it. Unlike the 401 response, authentication does not provide any help, and the request should not be repeated. If this is not a HEAD request, and the server wants to be able to explain why the request cannot be executed, then the reason for the rejection should be described within the entity. Of course the server can also return a 404 response if it does not want the client to get any information. |
404 |
The request failed and the requested resource was not found on the server. No information can tell the user whether the situation is temporary or permanent. If the server knows the situation, it should use the 410 status code to tell the old resources because of some internal configuration mechanism problems, has been permanently unavailable, and there is no jump to the address. 404 This status code is widely used when the server does not want to reveal exactly why the request was rejected or if no other appropriate response is available. |
405 |
The request method specified in the request line cannot be used to request the appropriate resource. The response must return an allow header to indicate a list of request methods that the current resource can accept. Because the Put,delete method writes to resources on the server, most Web servers do not support or do not allow the above request method under the default configuration, and 405 errors are returned for such requests. |
50W |
The content attribute of the requested resource could not satisfy the criteria in the request header, so the response entity could not be generated. Unless this is a HEAD request, the response should return an entity that contains the most appropriate entity attributes and address lists that the user or browser can choose from. The format of the entity is determined by the media type defined in the Content-type header. The browser can make the best choice based on its format and ability. However, the specification does not define any criteria for making such automatic selections. |
407 |
Similar to the 401 response, except that the client must authenticate on the proxy server. The proxy server must return a proxy-authenticate to be used for identity questioning. The client can return a Proxy-authorization message header for verification. See RFC 2617. |
408 |
The request timed out. The client does not complete a request in the time the server is waiting to be sent. The client can submit the request again at any time without making any changes. |
409 |
The request could not be completed because there was a conflict between the current state of the requested resource and the request. This code is only allowed to be used in situations where the user is considered to be able to resolve the conflict and will resubmit the new request. The response should contain enough information for the user to discover the source of the conflict. Conflicts usually occur in the processing of PUT requests. For example, in a version-checking environment, where the version information that accompanies a PUT-submitted modification request for a specific resource conflicts with one of the previous (third-party) requests, the server should return a 409 error informing the user that the request could not be completed. At this point, it is likely that the response entity will contain a diff comparison between the two conflicting versions, so that the user can resubmit the new version after merging. |
410 |
The requested resource is no longer available on the server, and there are no known forwarding addresses. Such a situation should be considered permanent. If possible, a client with link editing should remove all references to this address after obtaining the user's permission. If the server does not know or is unsure whether the condition is permanent, then the 404 status Code should be used. Unless otherwise noted, the response is cacheable. 410 The purpose of the response is primarily to help the site administrator maintain the site, informing the user that the resource is no longer available, and that the server owner wants all remote connections that point to the resource to be deleted. Such events are common in time-limited and value-added services. Similarly, a 410 response is used to notify the client that a resource that was originally owned by a person is no longer available on the current server site. Of course, it is entirely up to the server owner to mark all permanently unavailable resources as ' 410 Gone ' and how long it will take to keep this tag. |
411 |
The server refuses to accept the request without defining a content-length header. After adding a valid Content-length header that indicates the body length of the request message, the client can submit the request again. |
412 |
The server failed to satisfy one or more of these when validating the prerequisites in the header field of the request. This status code allows the client to set the prerequisites in the requested meta-information (Request header field data) when acquiring the resource, to prevent the request method from being applied to resources other than what it wants. |
413 |
The server refuses to process the current request because the size of the entity data submitted by the request exceeds the scope that the server is willing or able to handle. In this case, the server can close the connection to prevent the client from continuing to send this request. If this condition is temporary, the server should return a retry-after response header to tell the client how much time it can retry. |
414 |
The requested URI length exceeds the length that the server can interpret, so the server refuses to service the request. This is rare, and typically includes a form submission that should use the Post method as a Get method, which causes the query string to be too long. REDIRECT uri "Black Hole", for example, each redirect takes the old Uri as part of the new URI, resulting in a long URI after several redirects. The client is trying to exploit a security vulnerability in some servers to attack the server. This type of server uses a fixed-length buffer to read or manipulate the requested URI, and when the GET parameter exceeds a certain value, a buffer overflow may result, resulting in arbitrary code being executed [1]. A server that does not have such a vulnerability should return a 414 status code. |
415 |
For the currently requested method and the requested resource, the entity submitted in the request is not a supported format in the server and therefore the request is rejected. |
416 |
If a range request header is included in the request, and any data range specified in range does not coincide with the current resource's available range, and the request does not have a If-range request header defined, the server should return a 416 status code. If range uses a byte range, this is the case where the first byte position of all data ranges specified by the request exceeds the current resource's length. The server should also include a Content-range entity header to indicate the length of the current resource while returning a 416 status code. This response is also forbidden to use multipart/byteranges as its content-type. |
417 |
The expected content specified in the request header Expect cannot be satisfied by the server, or the server is a proxy server, and it has obvious evidence that the contents of the Expect are not satisfied on the next node of the current route. |
421 |
The number of connections from the current client's IP address to the server exceeds the maximum range of server licenses. Typically, the IP address here refers to the client address seen from the server (such as the user's gateway or proxy server address). In this case, the calculation of the number of connections may involve more than one end user. |
422 |
The number of connections from the current client's IP address to the server exceeds the maximum range of server licenses. Typically, the IP address here refers to the client address seen from the server (such as the user's gateway or proxy server address). In this case, the calculation of the number of connections may involve more than one end user. |
422 |
The request is well-formed, but cannot be responded to because of a semantic error. (RFC 4918 WebDAV) 423 Locked The current resource is locked. (RFC 4918 WebDAV) |
424 |
The current request failed, such as PROPPATCH, because of an error that occurred in a previous request. (RFC 4918 WebDAV) |
425 |
Defined in the WebDAV advanced collections draft, but does not appear in the WebDAV sequence set protocol (RFC 3658). |
426 |
The client should switch to tls/1.0. (RFC 2817) |
449 |
Extended by Microsoft, the representative request should be retried after the appropriate action has been performed. |
500 |
The server encountered an unexpected condition that prevented it from completing the processing of the request. In general, this problem occurs when the server's code is wrong. |
501 |
The server does not support a feature that is required for the current request. When the server does not recognize the requested method and cannot support its request for any resource. |
502 |
An invalid response was received from the upstream server when the server acting as a gateway or agent attempted to execute the request. |
503 |
The server is currently unable to process the request due to temporary server maintenance or overloading. This situation is temporary and will be resumed after a certain period of time. If the delay time can be estimated, then the response can include a retry-after header to indicate the delay time. If this retry-after message is not given, the client should handle it in a manner that handles 500 responses. Note: The presence of a 503 status code does not mean that the server must use it when it is overloaded. Some servers simply want to deny connections to clients. |
504 |
When a server acting as a gateway or agent attempts to execute a request, it fails to receive a response from the upstream server (the server that the URI identifies, such as HTTP, FTP, LDAP), or the secondary server (such as DNS). Note: Some proxy servers return 400 or 500 errors in DNS query timeout |
505 |
The server does not support or refuses to support the HTTP version used in the request. This implies that the server cannot or does not want to use the same version as the client. The response should contain an entity that describes why the version is not supported and which protocols the server supports. |
40W |
Extended by the Transparent Content negotiation Protocol (RFC 2295), there is an internal configuration error on behalf of the server: The requested negotiation meta-resource is configured to use itself in transparent content negotiation, so it is not an appropriate focus in a negotiation process. |
507 |
The server cannot store the content necessary to complete the request. The situation is considered to be temporary. WebDAV (RFC 4918) |
509 |
The server reached the bandwidth limit. This is not an official status code, but is still widely used. |
510 |
The policies needed to get resources are not met. (RFC 2774) |