Communication over HTTP, the Hypertext transfer protocol is communication between web server and clients that involves transferring packets of data from one to the other in stateless form.
These packets of data are formatted and are called HTTP messages. It could be a Request message or a Response message. There is also the notion of Inbound and Outbound message.
When an HTTP message flows to the server (a request message), it is termed an Inbound flow. When an HTTP message flows back to the client from the server, it is termed an Outbound flow.
This Inbound and Outbound flow of data is also considered by Hosting providers, such as AWS, Google Cloud Platforms, Azure, etc., as they charge for data flow.
HTTP Response Status Code
When applications communicate over the web, there need to be standardized status codes or signal to indicate HTTP request or operation status. HTTP status codes are 3-digit codes that indicate the status of HTTP operations.
An HTTP request or operation can be in many states. It could be pending, it could error out, it could be in a success state, it could fail, and so many others. This need led to what we call today, HTTP Response Status Codes.
HTTP Response Status Code is a three-digit code that indicates the status of an HTTP request-response operation.
The nature of HTTP messages
The HTTP message is a simple but formatted block of data, either a request message from a web client or an enclosing request-response message from a web server.
HTTP messages consist of three parts:
- A start line describing the message
- A block of headers containing information about the message (more like metadata)
- An optional body containing consumable message data
The Start Line of an HTTP message either says what to do (for a request message) or explains what happened (for a response message).
The second part, a block of headers, describes the content of the message. Information such as the content length, the content type, the age of the content and many others are found within the headers' block.
Both the request and response message follow the same with three parts, as stated above. The syntax of both messages differs only in the start line.
Note that the entity-body in an HTTP message is optional. the responding server or the requesting client can include no entity data during the communication.
Request Message Format
Below is the format for an HTTP request message. The start line, which is the first line contains the Request Method, the Request URL and the HTTP version.
<Method> <Request-url> <Version>
<Headers>
<Entity-body>Response Message Format
Below is the format for an HTTP response message. The start line contains the HTTP version, the status code and the reason phrase. The response message format differs from the request message on the start line.
<Version> <status-code> <reason-phrase>
<Headers>
<Entity-body>As you can see, The response status code, the second entry in the start line of an HTTP response message, is of interest. The third-entry reason-phrase is a human-readable version of the status-code.
Classification of HTTP Response Status Codes
HTTP response status codes can be divided into 5 categories based on the type of information the status code relays to the receiving client. The five HTTP response status codes categories are:
- Informational Status Codes
- Success Status Codes
- Redirection Status Codes
- Client Error Status Codes
- Server Error Status Codes
As stated earlier, HTTP status codes are 3-digit codes.
Informational HTTP Status Codes - 1xx
Informational HTTP Status Codes are status codes within the range of 100 to 199 both inclusive. They are not well conversant around the internet and were introduced by the HTTP 1.1 protocol.
Servers Implementing just the HTTP 1.0 do not support this range of status codes. Informational HTTP Status Codes are performantly intended to help reduce the burden on web servers.
According to the HTTP 1.1 specification, Implementing Servers, proxies must not send a 1xx response back to HTTP 1.0 clients as they do not support these range of headers.
HTTP 1.1 1xx repsonse messages have no entity body. The response message is terminated by an empty line
Status Code | Reason Phrase | Meaning |
|---|---|---|
100 | Continue | Servers send this response if the request has an Expect header. The 100 continue status code indicates that everything is OK, and the client can send in the entity-body. |
101 | Switching Protocol | Servers send this response status code if the request has an Upgrade header. The 101 status code indicates that the Server is switching protocol as requested by the client to one listed in the Upgrade Header. |
HTTP Success Status Codes - 2xx
HTTP Success Status Codes are status codes within the range of 200 to 299, both inclusive. The 200 and 201 status codes are the most common within this range.
HTTP Success Status Codes indicates that the client's request was successfully received, stored, processed or retrieved with various kinds of reason phrase depending on the nature of the request especially the request method.
Status Code | Reason Phrase | Meaning |
|---|---|---|
200 | OK | Request is okay, Response entity body contains requested resource |
202 | Accepted | Indicates that the request was accepted, but has not been processed yet. This is good for batch processing applications, such as web triggers. |
203 | Non-Authoritative Information | 203 status code indicates that the information contained in the entity headers came from a copy of the resource but not from the origin server. |
204 | No Content | Indicates that the response message contains a Status Line, and headers but no entity-body. Browsers would update cache headers for the resource while retaining the resource previous content. |
205 | Reset Content | This is applicable to mostly HTML forms. This status code tells the User-agent (Browsers) to reset the document that sent the request. This response resets HTML form fields in the page to their default values. |
206 | Partial Content | Response to Range requests. It indicates that the range request was processed successful and the entity body contains the range of data requested. Range requests are used by video players, file transfers, image processing and other heavy file processing clients. |
HTTP Redirection Status Codes - 3xx
When a resource URI changes, when the resource location changes, servers utilize the 3xx response codes to convey information to requesting clients on the new location of such a resource.
Redirection status codes are in the range of 300-399 both inclusive. 3xx response status codes tell the connected client to use alternate locations for the resources requested.
Coupled with the Location header, Servers can provide the temporal or permanent alternate URL of the requested resource to clients.
Status Code | Reason Phrase | Meaning |
|---|---|---|
300 | Multiple Choices | This response is returned when the client requested for a resource with multiple representations such as content multiple languages. The entity body should contain a list of choices to select from. The specification also states that any preferred resource URI should be included in the response Location header. |
301 | Moved Permanently | Indicates that the representation at the requested location has been moved permanently to another location/URI. The new resource location should be specified in the response Location header. |
302 | Found | This is a temporal redirect. It indicates that the representation at the requested location has been moved temporarily. The new temporal resource location should be specified in the response Location header. |
303 | See Other | Response to tell the client to use a different URL for the resource it is looking for. The new URL to use is specified in the response Location header |
304 | Not Modified | Tells the client to use the previous representation of the resource it has because the resource has not changed since it was last accessed based on the cache control headers provided by the client. |
305 | Use Proxy | Indicates that the resource must be accessed through a proxy. The response Location header contains the Proxy URL to be used. |
307 | Temporary Redirect | This is a temporal redirect. It indicates that the representation at the requested location has been moved temporarily. The new temporal resource location should be specified in the response Location header. |
Client Error Response Status Codes - 4xx
Sometimes, Client requests can be erroneous, such as invalid entity-body, no authorization headers, authentication headers, and many others. The 4xx response codes indicate errors in the client request.
Clients can also request for a non-existing resource, hence, the famous 404 error response code.
Client Error HTTP status codes are in the range of 400-499 both inclusive. 4xx response status codes tell the connected client about the error in the request.
Status Code | Reason Phrase | Meaning |
|---|---|---|
400 | Bad Request | Tells the client it has sent a malformed request |
401 | Unauthorized | Client is not authorized. It is returned along with appropriate headers that ask the client to authenticate itself. |
402 | Payment Required | not used yet |
403 | Forbidden | Used to indicate that the request was refused by the server. Usually, servers do not want the client to know the reason for security purposes. When it wants, it can include the reason in the entity body. |
404 | Not Found | Indicates that the requested resource was not found on the server. |
405 | Method Not Allowed | Indicates the the request method is not allowed on the specified resource. For instance, issuing a POST request on a resource that allows only GET or HEAD requests. |
406 | Not Acceptable | Servers can issue this response code if the content generated by the requested resource does not match any of the entries in the Client's Accept header. |
407 | Proxy Authentication Required | It behaves Like the 401 status code but used by proxy servers that require authentication |
408 | Request Timeout | Indicates that he client did not produce a request within the time that the server was prepared to wait. |
411 | Length Required | Indicates that the client must provide a Content-Length header such as during a post and put request |
413 | Entity Too Large | Indicates that the server is refusing to process a request because the request payload is too large. Web servers set limits to the amount of data clients can send to them, this helps reduce load on the server. |
414 | Request-URI Too Long | This indicates that the server is refusing to process the request because the request URL is too large. This can happen when client transforms what should be a POST or PUT request to a GET request, making the query sections too long. |
415 | Unsupported Media Type | Server is refusing to process the request because the content type of the request payload is not supported. |
416 | Requested Range Not Satiable | When a range request is not satiable, such as out of range values, servers respond with the 416 response code to indicate this error. |
417 | Expectation Failed | The expectation given in an Expect request-header field could not be met |
Server Error Response Status Codes - 5xx
Aside from client request errors, servers can encounter errors while processing client requests. The 5xx response codes indicate server-side errors that occurred while processing a client request.
Server errors can range from system failure, network errors, code or script errors, gateway errors, and many others. Troubleshooting such errors by server administrators usually involves looking up server error log files.
Server Error HTTP status codes are in the range of 500-599 both inclusive. 5xx response status codes tell the connected client about the server's error which occurred while processing the request.
Status code | Reason phrase | Meaning |
|---|---|---|
500 | Internal Server Error | Sent when the server encounters an internal error when handling the request such as code errors. |
501 | Not Implemented | Sent when a client makes a valid request but that is beyond the capabilities of the server. Example is sending a request method that is not implemented by the server. |
502 | Bad Gateway | Sent when a server acting as a proxy can't connect to the upstream server. |
503 | Service Unavailable | Used to indicate that the server currently cannot service the request but will be able to in the future. This can be due to an ongoing system maintenance. |
504 | Gateway Timeout | Sent from a proxy server when the response from an upstream server takes too long and exceeds the wait threshold of the proxy. |
505 | HTTP Version Not Supported | Indicates that the server does not support the request HTTP version used. |