Common HTTP response status codes and meanings

HI
By Harrison Ifeanyichukwu
common HTTP methods. 401, unauthorized access

Communication over HTTP, the Hypertext transfer protocol is communication between web server and clients that involves transferring packets of data from one to the other in stateless form.

These packets of data are formatted and are called HTTP messages. It could be a Request message or a Response message. There is also the notion of Inbound and Outbound message.

When an HTTP message flows to the server (a request message), it is termed an Inbound flow. When an HTTP message flows back to the client from the server, it is termed an Outbound flow.

This Inbound and Outbound flow of data is also considered by Hosting providers, such as AWS, Google Cloud Platforms, Azure, etc., as they charge for data flow.

HTTP Response Status Code

When applications communicate over the web, there need to be standardized status codes or signal to indicate HTTP request or operation status. HTTP status codes are 3-digit codes that indicate the status of HTTP operations.

An HTTP request or operation can be in many states. It could be pending, it could error out, it could be in a success state, it could fail, and so many others. This need led to what we call today, HTTP Response Status Codes.

HTTP Response Status Code is a three-digit code that indicates the status of an HTTP request-response operation.

The nature of HTTP messages

The HTTP message is a simple but formatted block of data, either a request message from a web client or an enclosing request-response message from a web server.

HTTP messages consist of three parts:

  1. A start line describing the message
  2. A block of headers containing information about the message (more like metadata)
  3. An optional body containing consumable message data

The Start Line of an HTTP message either says what to do (for a request message) or explains what happened (for a response message).

The second part, a block of headers, describes the content of the message. Information such as the content length, the content type, the age of the content and many others are found within the headers' block.

Both the request and response message follow the same with three parts, as stated above. The syntax of both messages differs only in the start line.

Entity Body is optional

Note that the entity-body in an HTTP message is optional. the responding server or the requesting client can include no entity data during the communication.

Request Message Format

Below is the format for an HTTP request message. The start line, which is the first line contains the Request Method, the Request URL and the HTTP version.

<Method> <Request-url> <Version>
<Headers>

<Entity-body>

Response Message Format

Below is the format for an HTTP response message. The start line contains the HTTP version, the status code and the reason phrase. The response message format differs from the request message on the start line.

<Version> <status-code> <reason-phrase>
<Headers>

<Entity-body>

As you can see, The response status code, the second entry in the start line of an HTTP response message, is of interest. The third-entry reason-phrase is a human-readable version of the status-code.

Classification of HTTP Response Status Codes

HTTP response status codes can be divided into 5 categories based on the type of information the status code relays to the receiving client. The five HTTP response status codes categories are:

  1. Informational Status Codes
  2. Success Status Codes
  3. Redirection Status Codes
  4. Client Error Status Codes
  5. Server Error Status Codes

As stated earlier, HTTP status codes are 3-digit codes.

Informational HTTP Status Codes - 1xx

Informational HTTP Status Codes are status codes within the range of 100 to 199 both inclusive. They are not well conversant around the internet and were introduced by the HTTP 1.1 protocol.

Servers Implementing just the HTTP 1.0 do not support this range of status codes. Informational HTTP Status Codes are performantly intended to help reduce the burden on web servers.

According to the HTTP 1.1 specification, Implementing Servers, proxies must not send a 1xx response back to HTTP 1.0 clients as they do not support these range of headers.

Note

HTTP 1.1 1xx repsonse messages have no entity body. The response message is terminated by an empty line

List of HTTP Informational Status Codes and meanings

Status Code

Reason Phrase

Meaning

100

Continue

Servers send this response if the request has an Expect header.

The 100 continue status code indicates that everything is OK, and the client can send in the entity-body.

101

Switching Protocol

Servers send this response status code if the request has an Upgrade header.

The 101 status code indicates that the Server is switching protocol as requested by the client to one listed in the Upgrade Header.

HTTP Success Status Codes - 2xx

HTTP Success Status Codes are status codes within the range of 200 to 299, both inclusive. The 200 and 201 status codes are the most common within this range.

HTTP Success Status Codes indicates that the client's request was successfully received, stored, processed or retrieved with various kinds of reason phrase depending on the nature of the request especially the request method.

List of HTTP Success Status Codes and meanings

Status Code

Reason Phrase

Meaning

200

OK

Request is okay, Response entity body contains requested resource

202

Accepted

Indicates that the request was accepted, but has not been processed yet.

This is good for batch processing applications, such as web triggers.

203

Non-Authoritative Information

203 status code indicates that the information contained in the entity headers came from a copy of the resource but not from the origin server.

204

No Content

Indicates that the response message contains a Status Line, and headers but no entity-body.

Browsers would update cache headers for the resource while retaining the resource previous content.

205

Reset Content

This is applicable to mostly HTML forms. This status code tells the User-agent (Browsers) to reset the document that sent the request.

This response resets HTML form fields in the page to their default values.

206

Partial Content

Response to Range requests. It indicates that the range request was processed successful and the entity body contains the range of data requested.

Range requests are used by video players, file transfers, image processing and other heavy file processing clients.

HTTP Redirection Status Codes - 3xx

When a resource URI changes, when the resource location changes, servers utilize the 3xx response codes to convey information to requesting clients on the new location of such a resource.

Redirection status codes are in the range of 300-399 both inclusive. 3xx response status codes tell the connected client to use alternate locations for the resources requested.

Coupled with the Location header, Servers can provide the temporal or permanent alternate URL of the requested resource to clients.

List of HTTP Redirection Status Codes and meanings

Status Code

Reason Phrase

Meaning

300

Multiple Choices

This response is returned when the client requested for a resource with multiple representations such as content multiple languages.

The entity body should contain a list of choices to select from. The specification also states that any preferred resource URI should be included in the response Location header.

301

Moved Permanently

Indicates that the representation at the requested location has been moved permanently to another location/URI.

The new resource location should be specified in the response Location header.

302

Found

This is a temporal redirect. It indicates that the representation at the requested location has been moved temporarily.

The new temporal resource location should be specified in the response Location header.

303

See Other

Response to tell the client to use a different URL for the resource it is looking for.

The new URL to use is specified in the response Location header

304

Not Modified

Tells the client to use the previous representation of the resource it has because the resource has not changed since it was last accessed based on the cache control headers provided by the client.

305

Use Proxy

Indicates that the resource must be accessed through a proxy.

The response Location header contains the Proxy URL to be used.

307

Temporary Redirect

This is a temporal redirect. It indicates that the representation at the requested location has been moved temporarily.

The new temporal resource location should be specified in the response Location header.

Client Error Response Status Codes - 4xx

Sometimes, Client requests can be erroneous, such as invalid entity-body, no authorization headers, authentication headers, and many others. The 4xx response codes indicate errors in the client request.

Clients can also request for a non-existing resource, hence, the famous 404 error response code.

Client Error HTTP status codes are in the range of 400-499 both inclusive. 4xx response status codes tell the connected client about the error in the request.

List of Client Error HTTP Status Codes and meanings

Status Code

Reason Phrase

Meaning

400

Bad Request

Tells the client it has sent a malformed request

401

Unauthorized

Client is not authorized. It is returned along with appropriate headers that ask the client to authenticate itself.

402

Payment Required

not used yet

403

Forbidden

Used to indicate that the request was refused by the server. Usually, servers do not want the client to know the reason for security purposes.

When it wants, it can include the reason in the entity body.

404

Not Found

Indicates that the requested resource was not found on the server.

405

Method Not Allowed

Indicates the the request method is not allowed on the specified resource. For instance, issuing a POST request on a resource that allows only GET or HEAD requests.

406

Not Acceptable

Servers can issue this response code if the content generated by the requested resource does not match any of the entries in the Client's Accept header.

407

Proxy Authentication Required

It behaves Like the 401 status code but used by proxy servers that require authentication

408

Request Timeout

Indicates that he client did not produce a request within the time that the server was prepared to wait.

411

Length Required

Indicates that the client must provide a Content-Length header such as during a post and put request

413

Entity Too Large

Indicates that the server is refusing to process a request because the request payload is too large.

Web servers set limits to the amount of data clients can send to them, this helps reduce load on the server.

414

Request-URI Too Long

This indicates that the server is refusing to process the request because the request URL is too large.

This can happen when client transforms what should be a POST or PUT request to a GET request, making the query sections too long.

415

Unsupported Media Type

Server is refusing to process the request because the content type of the request payload is not supported.

416

Requested Range Not Satiable

When a range request is not satiable, such as out of range values, servers respond with the 416 response code to indicate this error.

417

Expectation Failed

The expectation given in an Expect request-header field could not be met

Server Error Response Status Codes - 5xx

Aside from client request errors, servers can encounter errors while processing client requests. The 5xx response codes indicate server-side errors that occurred while processing a client request.

Server errors can range from system failure, network errors, code or script errors, gateway errors, and many others. Troubleshooting such errors by server administrators usually involves looking up server error log files.

Server Error HTTP status codes are in the range of 500-599 both inclusive. 5xx response status codes tell the connected client about the server's error which occurred while processing the request.

List of Server Error HTTP Status Codes and meanings

Status code

Reason phrase

Meaning

500

Internal Server Error

Sent when the server encounters an internal error when handling the request such as code errors.

501

Not Implemented

Sent when a client makes a valid request but that is beyond the capabilities of the server. Example is sending a request method that is not implemented by the server.

502

Bad Gateway

Sent when a server acting as a proxy can't connect to the upstream server.

503

Service Unavailable

Used to indicate that the server currently cannot service the request but will be able to in the future. This can be due to an ongoing system maintenance.

504

Gateway Timeout

Sent from a proxy server when the response from an upstream server takes too long and exceeds the wait threshold of the proxy.

505

HTTP Version Not Supported

Indicates that the server does not support the request HTTP version used.