Common HTTP response codes

 

200 OK

• This response indicates that the request has succeeded.

• The information returned with the response is dependent on the method used in the request.

• For example, a GET request to retrieve a web page or image would receive as a response the requested resource, while a POST request used to submit data via an HTML form would receive returning data from a script or message confirming processing of the form.*

301 Moved Permanently

A common question I've seen people ask is why do websites get moved? Why would they need to be moved? Clearly it's not very beneficial for websites to move, so why would they? It turns out that there are sometimes very good reasons that a website needs to be moved. It's an unfortunate side effect of the wonderful crazy thing called the internet and how it works.

302 Found

A 302 is one of the HTTP status codes that are sent back by a client to a server, and indicates that the requested resource has been temporarily moved to a different URI. The new URI is not a substitute reference for the originally requested resource, so future requests to this address should still use the original URI. If necessary, you can repeat the request with another URI.

This status code allows for redirection and can be used in conjunction with other codes. It's typically used when there's some form of content negotiation or when users have made an incorrect request. Since it'd be impractical to contact users directly in order to inform them of where they should go, developers will often use this code (along with others) to direct users to where they need to go instead.

304 Not Modified

304 Not Modified

This is a code that is returned when the client already has the correct version of the requested resource, and the server is not required to send any further data. This status code can be seen in HTTP, FTP, and NNTP protocols. It is often used to speed up requests over the internet by returning cached pages of content that have not been modified since they were last requested.

307 Temporary Redirect

The HTTP 307 Temporary Redirect redirects the client to another URL with the same method that was used in the prior request. This has the same semantics as 302, with the exception that the user agent must not change the HTTP method used: If a POST was used in the first request, a POST must be used in the second request. This method exists primarily to allow input for scripts (e.g., a login form) without changing (or incorrectly guessing) the processing of related resources, e.g., corresponding to an image on an HTML form after a user logs in by submitting their credentials using a POST request. The temporary URI SHOULD be given by the Location field in the response. Unless otherwise specified for specific status codes below, its meaning is defined by HTTP/1.1. An example use case may look like this:

POST /login HTTP/1.1

Host: onlinebankingsystem.com

Content-Type: application/x-www-form-urlencoded

Content-Length: ...

username=johndoe&password=A3ddj3w

HTTP/1.0 307 Temporary Redirect

Location: https://onlinebankingsystem.com/login The client submits login information via HTTPS to an encrypted TLS encrypted banking server which responds with a temporary redirect to another URL (which might also include authentication cookies being set).

400 Bad Request

The 400 Bad Request response code indicates that the server was unable to understand the request due to invalid syntax. This is often caused by an invalid JSON body, or because an image upload was "partially" sent.

An example of when you might get a 400 Bad Request error is if an API server does not accept POST requests and you try to send a POST request to it. Similarly, if your app makes a request to a URL with the wrong structure, you'll get this response code.

This error could also occur when there are too many parameters in the query string for a GET request--or too many field-value pairs submitted in a POST form--but most Web servers have no problem handling hundreds of characters, so that's unlikely to be the cause.

401 Unauthorized

401 Unauthorized is one of the most common response codes, and it means that you are not authorized to access the requested resource. It can be caused by a bad password or username, or a lack of permission. For example, you may need special permission to view a page in an admin-only area. It could also be caused by using the wrong URL. Make sure you're using HTTPS instead of HTTP if the server requires it to access any part of its content over a secure connection.

If you get this response code with no further explanation, it's time to give your web administrator a call because something has gone terribly wrong!

403 Forbidden

The HTTP 403 Forbidden response status code indicates that the server understood the request but refuses to authorize it. You could be forbidden from viewing a directory or a file due to lack of permissions. This article covers common causes and solutions for when you receive this error in your application.

• The authentication setting on your web server might be configured incorrectly

• Your IP address may be blacklisted by the webmaster

• The website may have been moved to another server

If you're sure that all these reasons don't exist in your case, you can try contacting the site owner and making him aware of his broken site. If he does not reply and you are certain that it is broken for everyone else as well (and not just you), then it's probably time to move on!

404 Not Found

404 Not Found

The 404 (Not Found) status code indicates that the origin server did not find a current representation for the target resource or is not willing to disclose that one exists. A 404 status code does not indicate whether this lack of representation is temporary or permanent; the 410 Gone status code is preferred over 404 if the origin server knows, presumably through some configurable mechanism, that the condition is likely to be permanent.

410 Gone

410 Gone

The requested resource is no longer available at the server and no forwarding address is known. This condition is expected to be considered permanent. Clients with link editing capabilities SHOULD delete references to the Request-URI after user approval. If the server does not know, or has no facility to determine, whether or not the condition is permanent, the status code 404 Not Found SHOULD be used instead. This response is cacheable unless indicated otherwise. The 410 response is primarily intended to assist the task of web maintenance by notifying the recipient that the resource is intentionally unavailable and that the server owners desire that remote links to that resource be removed. Such an event is common for limited-time, promotional services and for resources belonging to individuals no longer affiliated with the origin server’s site. It is not necessary to mark all permanently unavailable resources as "gone" or to keep the mark for any length of time -- that is left to the discretion of the server owner

500 Internal Server Error

A 500 internal server error is a generic "something went wrong" code. It's an HTTP status code that means the server could not perform its requested function because of a problem in the script or database. When this happens, you will have to check your server-side code and/or database to see what went wrong.

This error is different than a 403 forbidden error, which means that the client (browser) was able to communicate with the server, but the server refused something about it. A 500 error means that something in your request caused an unexpected response from the server.