In daily development, everyone is familiar with status codes like 200 for success, 404 for not found, and 500 for server errors. However, HTTP actually defines dozens of status codes, many of which are very useful yet often overlooked. Some can solve practical problems, some have interesting stories, and others can make your API design more professional. If you find this useful, feel free to mark it.
1. The Redirect Family – More Than Just 301 and 302
Many people only know about 301 permanent redirects and 302 temporary redirects, but the redirect family is actually quite large, with each having specific use cases:
# 301/302 - Browsers may change POST requests to GET requests# For example: POST /api/login → after redirect becomes GET /new-url
# 307 - Temporary redirect, browsers must keep the original request method# For example: POST /api/login → after redirect still POST /new-url
HTTP/1.1 307 Temporary Redirect
Location: https://api.example.com/v2/users
# 308 - Permanent redirect, browsers must keep the original request method
HTTP/1.1 308 Permanent Redirect
Location: https://secure.example.com/api
# Debugging tip: Use curl to view the redirect chain
curl -I -L https://example.com # -I only view headers, -L follow redirectsDebugging Tip: If your POST interface changes to a GET request after redirection, it indicates that the server used 301/302, and you should switch to 307/308.
2. Subdividing Client Errors – Not Everything is 400
The 400 family is richer than you might think; using status codes accurately can help frontend developers quickly locate issues:
# 401 - Unauthorized (not logged in)
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Bearer
# 403 - Authenticated but no permission (logged in but insufficient permissions)
HTTP/1.1 403 Forbidden
# 409 - Resource conflict (e.g., duplicate creation)
HTTP/1.1 409 Conflict
{ "error": "User with this email already exists"}
# 422 - Correct data format but semantic error
HTTP/1.1 422 Unprocessable Entity
{ "errors": { "age": ["Age must be between 18 and 120"] }}
# 429 - Request rate limit exceeded
HTTP/1.1 429 Too Many Requests
Retry-After: 60Debugging Tip: If you see a 401, check the token; for 403, check permissions; for 422, check business logic.
3. Division of Server Errors – Indicating Who is at Fault
The 500 family can accurately inform about the fault responsibility, facilitating understanding for operations and users:
# 502 - Bad Gateway (upstream service is down)
HTTP/1.1 502 Bad Gateway
# 503 - Service temporarily unavailable (under maintenance)
HTTP/1.1 503 Service Unavailable
Retry-After: 3600
# 504 - Gateway timeout (upstream service response is slow)
HTTP/1.1 504 Gateway Timeout
# Debugging tip: Use curl to test gateway and upstream connectivity
curl -w "time_total: %{time_total}s\n" https://api.example.comDebugging Tip: A 502 usually indicates application crash, a 503 indicates active maintenance, and a 504 indicates performance issues.
4. Cache Control Magic – 304 and Conditional Requests
The 304 status code, combined with conditional requests, can significantly reduce bandwidth usage:
# Client sends a conditional request
GET /api/user/123 HTTP/1.1
If-None-Match: "abc123"
If-Modified-Since: Wed, 21 Oct 2015 07:28:00 GMT
# Server responds with 304 (content not changed)
HTTP/1.1 304 Not Modified
ETag: "abc123"
Cache-Control: max-age=3600
# Debugging tip: Check ETag and Last-Modified
curl -H "If-None-Match: abc123" https://api.example.com/users/1Debugging Tip: Frequent 200 responses may indicate a caching strategy issue; you should see more 304 responses.
5. Content Negotiation – Proper Handling of 406 and 415
These two status codes are often misused; understanding them can make APIs more robust:
# 406 - Server cannot provide the content format requested by the client
GET /api/users HTTP/1.1
Accept: application/xml
HTTP/1.1 406 Not Acceptable
Content-Type: application/json
{ "error": "Only JSON format is supported", "supported_formats": ["application/json"]}
# 415 - Content format sent by the client is not supported by the server
POST /api/users HTTP/1.1
Content-Type: text/plain
HTTP/1.1 415 Unsupported Media Type
{ "error": "Content-Type must be application/json"}
# Debugging tip: Check Accept and Content-Type headers
curl -H "Accept: application/xml" https://api.example.com/users
curl -H "Content-Type: text/xml" -d "<user></user>" https://api.example.com/users6. Resumable Downloads – 206 Partial Content
What if the network drops while downloading a large file? The 206 status code, combined with Range requests, makes resumable downloads possible:
# Client requests a part of the file
GET /download/largefile.zip HTTP/1.1
Range: bytes=1000-2000
# Server returns 206 and partial content
HTTP/1.1 206 Partial Content
Content-Range: bytes 1000-2000/5000
Content-Length: 1001
# Practical application: Video player seek bar
# Range: bytes=2048000- # Start from 2MB to the end of the fileUse Cases: Video player seek bar, resumable downloads for large files, mobile data savings.
7. The Most Adorable Status Code – 418 I’m a Teapot
This is a real HTTP status code, originating from an April Fool’s joke in 1998:
HTTP/1.1 418 I'm a teapot
# RFC 2324 states: A teapot cannot brew coffee
# When you send a request to a teapot to brew coffee, it will return this status codeAlthough it’s a joke, many websites use it to indicate “Easter eggs” or special situations. For example, Google returns 418 when you search for “teapot.”
Interesting Uses: Website Easter eggs, special API responses, programmer humor.
8. Legal Restrictions – 451 Unavailable For Legal Reasons
This status code is specifically used to indicate that content is unavailable for legal reasons:
HTTP/1.1 451 Unavailable For Legal Reasons
# For example, certain content is prohibited in specific regions
{ "error": "This content is not available in your region", "reason": "Copyright restrictions", "legal_reference": "DMCA takedown notice"}The 451 status code comes from the novel “Fahrenheit 451” (the burning point of paper), symbolizing censorship.
Use Cases: Regional copyright restrictions, government censorship, DMCA takedown requests.
9. Premature Requests – 425 Too Early
A new status code introduced in HTTP/2, indicating that the request is too early, and the server is not ready:
HTTP/1.1 425 Too Early
# Common in services that require time to initialize
{ "error": "Service is still starting up", "retry_after": 30}Use Cases: During service restarts, cache warming phases, before scheduled task triggers.
Conclusion
HTTP status codes are not just numbers; they carry rich semantic information and interesting stories. From the practical 206 for resumable downloads to the amusing 418 teapot, and the serious 451 legal restrictions, each status code has its significance. Using them correctly can make your API more professional and troubleshooting more efficient.
The next time you encounter an HTTP issue, consider starting with the status codes; you might find the root cause more quickly!