Quick Reference and Scenario Analysis of HTTP Status Codes

HTTP status codes, also known as HTTP response status codes, indicate whether a specific HTTP request has been successfully completed. Clients can determine the processing status of their requests through HTTP status codes.

1

Classification of HTTP Status CodesThere are many HTTP status codes, which can be classified into five categories based on the first digit, each representing a different response status:

  1. 1xx (Informational Response): Indicates that the client’s request is proceeding normally so far, and the client can continue with the request; if the request is complete, it can be ignored.
  2. 2xx (Successful Response): Indicates that the request has been successfully processed.
  3. 3xx (Redirection Message): Indicates that redirection is needed, and further action is required to complete the request.
  4. 4xx (Client Error): Indicates that the client’s request contains syntax errors or cannot be completed.
  5. 5xx (Server Error): Indicates that an error occurred on the server while processing the request.

2

Common HTTP Status CodesThere are quite a few HTTP status codes, and memorizing all of them can be challenging. Generally, it suffices to remember a few common ones and look up the rest as needed.This article organizes the status codes according to RFC 2616 specifications; custom status codes are not included.1xx (Informational Response)For the 1xx category of status codes, some definitions and names can be somewhat abstract, making them difficult to understand. Below are examples of commonly used status codes.100 ContinueFor status code 100 Continue, MDN explains:This temporary response indicates that all content so far is viable, and the client should continue with the request; if it has already completed, it can be ignored.At first glance, this may seem confusing, but it becomes clearer when applied in practice. Generally, status code 100 is used when a client is preparing to send a large request body (such as a large file upload). At this point, the client is unsure whether the server can currently handle the data, so it first sends a request using the 100-continue protocol to inquire if the server allows the upload. If the server permits the upload, it returns status code 100, allowing the client to continue uploading the large request body.Thus, looking back at MDN’s explanation makes it clearer: when the server returns 100, the client can continue with subsequent operations if needed; if not, it can be ignored. This allows the client to proceed to the next step, but if there are no further actions, it is also acceptable to do nothing.Additional Note:Here is a good explanation regarding status code 100:100 (Continue): The requester should continue with the request. The server returns this code to indicate that it has received the first part of the request and is waiting for the remaining part.101 Switching ProtocolsStatus code 101 is sent in response to the client’s Upgrade request header, indicating the protocol the server is about to switch to.This status code is used when the client needs to switch protocols, specifying the desired protocol through the Upgrade request header. If the server also supports this protocol, it will return status code 101, indicating that the server is about to switch to the protocol specified by the client.This is mainly applied in scenarios where a WebSocket connection is established, allowing an established connection to upgrade to a new, incompatible protocol.2xx (Successful Response)Status codes in the 2xx category are the most commonly encountered response codes and are the most favored by programmers. After all, seeing a response code in the 2xx category generally means there are no serious errors; at least the service is still running, so there is no need to panic (just kidding).In the 2xx category, the most commonly used status code is 200, and unless there are special requirements in practical applications, 200 can be used as the response status code for a successful request.200 OK200: Indicates that the request was successful.Yes~ Yes~ o( ̄▽ ̄)o, it really does indicate that the request was successful.3xx (Redirection Message)Status codes in the 3xx category indicate that additional actions are required to complete the request, typically used for temporary or permanent resource relocation, requiring the client to go to a new address to obtain the resource.Common status codes in this category include: 301 (Moved Permanently), 302 (Found), 304 (Not Modified).301 Moved Permanently301: Indicates permanent redirection; the original resource has been permanently moved to a new location, and subsequent requests from the client should use the new address.301 (Moved Permanently) indicates a permanent change of the resource address, meaning that the resource has moved from one address to another, and from now on, it should be obtained from the new address.This is commonly seen when a website changes its domain name. When a website switches domains, it often uses 301 (Moved Permanently) to change the address. If you are involved in SEO, be aware that when switching domains, you must use 301 (Moved Permanently) to ensure that search engines transfer the original page’s weight to the new page, thus not affecting your SEO.302 Found302: Temporary redirection; the original resource has been temporarily moved to a new location, and subsequent requests from the client can still use the original address, just temporarily switching the request address.Although 302 (Found) also directs the client to request the resource from a new address, subsequent requests can continue to use the original address, so search engines will not consider the original address invalid and will not transfer weight. If you are looking to switch domains, be careful not to use the wrong response status code, as it can affect your accumulated weight and traffic.302 (Found) is typically used during page maintenance, allowing requests to the original page to redirect to a maintenance or alternative page, optimizing the user browsing experience. It can also be used to temporarily change the order of page calls by adding a temporary activity page or prompt page before the original page call, allowing users to be informed about the activity content.However, regardless of how 302 (Found) is used, it should revert to the original address after a certain period; this is merely a temporary address switch.304 Not Modified304: Resource not modified; the client can use the local cache directly.When encountering a server response of 304, it usually means that the requested resource has not changed, and the client can use its local cache directly. This is generally used for static resources like images and CSS to reduce bandwidth consumption and server load.It is worth mentioning that to trigger this response, the client’s request header must include If-Modified-Since or If-None-Match. The server verifies whether the resource has changed before returning.If-Modified-Since and If-None-Match are both conditional request headers, and when used together, If-None-Match takes precedence (if supported by the server).For If-Modified-Since, the server will only return the resource if it has been modified after the specified date and time; otherwise, it will return a 304 response without a message body.For If-None-Match, the server will only return the requested resource if no resource on the server has an ETag attribute value that matches the one listed in this header; otherwise, it will return a 304 response.4xx (Client Error)The 4xx category indicates client errors, specifically that the request cannot be processed by the server due to issues on the client’s side, usually due to problems with the request method, payload, or format.There is a complex set of rules governing the interaction logic between the client and server, and both parties must adhere strictly to these rules. If they are not on the same page, it is like playing music to a cow.Common 4xx status codes include: 400 (Bad Request), 401 (Unauthorized), 403 (Forbidden), 404 (Not Found), 405 (Method Not Allowed).This category has relatively more common status codes, and you will encounter a few of them from time to time. Below is a detailed introduction to these status codes.400 Bad Request400: Client request syntax, format, or parameter error.The reasons for triggering this response can be broad; generally, any request that the server cannot parse or does not recognize can return this status code. Upon receiving this status code, the client should check the request and not resend it. Of course, if you are frustrated, clicking refresh a few more times is fine.Specific error reasons may include:* Request parameter errors: such as missing required parameters, incorrect parameter formats, etc.* Request header errors: such as unsupported Content-Type, invalid Accept headers, etc.* Request body errors: such as JSON format errors, XML parsing failures, etc.Specific reasons can only be analyzed on a case-by-case basis, and subsequent client error response status codes are more detailed.401 Unauthorized401: Represents a client error, indicating that the request was not fulfilled due to a lack of authentication credentials required for the target resource.401 (Unauthorized) is commonly seen in scenarios requiring login or token verification. If the client does not carry the correct credentials (e.g., not logged in, token expired, signature error), it will receive a 401 response.It is important to note that 401 does not indicate insufficient user permissions, but rather that the user is unauthenticated or authentication has failed.For example:* A user accesses a required login interface without logging in.* The Authorization information is missing or incorrect in the request header.* The token has expired or is invalid.Typically, the server will return the reason for authentication failure in the 401 response, informing the client how to authenticate.403 Forbidden403: Represents a client error, indicating that the server is capable of processing the request but refuses to authorize access.403 (Forbidden) differs from 401 (Unauthorized); 403 indicates that the client has successfully authenticated (logged in) but does not have sufficient permissions to access the resource.This commonly occurs in projects with role-based access control, where the server responds with this status code when a user attempts to access resources outside their permission scope.404 Not Found404: Indicates that the server cannot find the requested resource.This is the most commonly encountered response code, indicating that the resource requested by the user does not exist. The appearance of the 404 (Not Found) status code may be due to a misspelled URL or the requested resource or page being deleted or moved without the website administrator indicating the new location through 302 or 301, triggering the server to respond with a 404 status code.405 Method Not Allowed405: Indicates that the resource pointed to by this request does not allow the current HTTP method.405 (Method Not Allowed) usually occurs because the resource being pointed to does not permit the current request method to operate. For example, in SpringBoot, you can specify which methods are allowed to call an API interface using annotations. If an invalid calling method is used, the server will respond with a 405 status code.500 (Server Error)Status codes in the 5xx category usually represent more serious issues, either due to internal server problems preventing normal execution or the server being down and unable to respond properly. This category of status codes is what backend developers least want to see; while 4xx can be pushed to the frontend, this is a problem that cannot be shifted.500 Internal Server Error500: Internal server error, unable to complete the request.500 (Internal Server Error) is a broad HTTP status code indicating that an error occurred internally in the application while processing the request, which was not handled properly. Due to unhandled exceptions or improper handling, the server cannot complete the current request, resulting in this error code being returned.502 Bad Gateway502: Bad gateway; the server received an invalid response from the upstream server while acting as a gateway or proxy.502 (Bad Gateway) typically occurs when the server is acting as a gateway or reverse proxy. The client’s request does not reach the target server directly but is first routed through the gateway layer. If the server behind the gateway is down and cannot provide a response from the upstream server, this status code will be returned.504 Gateway Timeout504: Gateway timeout; the server did not receive a response from the upstream server in the specified time while acting as a gateway or proxy.504 (Gateway Timeout) also occurs when the server acts as a gateway or reverse proxy. Unlike 502 (Bad Gateway), 504 indicates that the upstream server is functioning normally, but the request processing took too long, exceeding the gateway’s waiting time limit, forcing the gateway to terminate the wait and return a 504 response to the client.

3

Overview of HTTP Status CodesThis overview of HTTP status codes adheres to RFC 2616 specifications and can be quickly referenced based on major categories.1xx (Informational Response)

Status Code Name Description
100 Continue Continue. The client should continue its request.
101 Switching Protocols Switching protocols. The server switches to another protocol (e.g., WebSocket) based on the client’s request.
102 Processing Processing. Indicates that the request has been received and is being processed (WebDAV extension).
103 Early Hints Early hints. Returns partial response headers before the final response, often used to prompt the browser to preload resources.

2xx (Successful Response)

Status Code Name Description
200 OK Request successful. Returns the requested resource or result.
201 Created Request successful and a new resource has been created.
202 Accepted Request has been accepted but not yet processed.
203 Non-Authoritative Information Request successful, but the returned response information may come from a third party rather than the origin server.
204 No Content Request successful, but no content returned.
205 Reset Content Request successful, requiring the client to reset the document view (e.g., clear forms).
206 Partial Content Successfully returned partial resources (supports Range requests).
207 Multi-Status Returns the status of multiple resources (WebDAV extension, XML format).
208 Already Reported The requested members have already been listed in a previous multi-status response (WebDAV extension).
226 IM Used The server has fulfilled the request and returned the result of applying instance manipulation to the current resource (HTTP Delta encoding extension).

3xx (Redirection Message)

Status Code Name Description
300 Multiple Choices Multiple choices. The client can choose from multiple available resources.
301 Moved Permanently Permanently moved. The resource has been permanently moved to a new URI.
302 Found Temporary moved. The resource has been temporarily moved to a new URI.
303 See Other Use the GET method to obtain the resource’s new URI.
304 Not Modified Resource not modified; can use cache.
307 Temporary Redirect Temporary redirect; request method remains unchanged.
308 Permanent Redirect Permanently redirected; request method remains unchanged.

4xx (Client Error)

Status Code Name Description
400 Bad Request Bad request. Syntax error or invalid request.
401 Unauthorized Unauthorized. Authentication is required for the request.
402 Payment Required Payment required. (Reserved, rarely used)
403 Forbidden Forbidden. The server refuses the request.
404 Not Found Not found. The server cannot find the requested resource.
405 Method Not Allowed Method not allowed.
406 Not Acceptable Cannot return a response based on the content characteristics requested by the client.
407 Proxy Authentication Required Proxy authentication required.
408 Request Timeout Request timeout. The client did not complete the request in the specified time.
409 Conflict The request conflicts with the current resource state.
410 Gone The resource has been permanently deleted.
411 Length Required Missing Content-Length header; the server refuses the request.
412 Precondition Failed The request condition was not met.
413 Payload Too Large The request body is too large for the server to process.
414 URI Too Long The requested URI is too long for the server to process.
415 Unsupported Media Type The request format or media type is not supported.
416 Range Not Satisfiable The requested range is invalid.
417 Expectation Failed The server cannot meet the requirements of the Expect request header field.
418 I’m a teapot I’m a teapot. (April Fools’ joke status code, RFC 2324)
421 Misdirected Request The request was sent to the wrong server.
422 Unprocessable Entity The request format is correct, but there is a semantic error (WebDAV).
423 Locked The resource is locked (WebDAV).
424 Failed Dependency Failed due to a failed dependency request (WebDAV).
425 Too Early The server is unwilling to risk processing a request that might be replayed.
426 Upgrade Required The client should switch to another protocol (e.g., HTTPS).
428 Precondition Required Requires the request to include conditions.
429 Too Many Requests Too many requests, triggering rate limiting.
431 Request Header Fields Too Large The request header fields are too large; the server refuses to process.
451 Unavailable For Legal Reasons Unavailable for legal reasons.

5xx (Server Error)

Status Code Name Description
500 Internal Server Error Internal server error, unable to complete the request.
501 Not Implemented The server does not support the requested functionality.
502 Bad Gateway The gateway or proxy received an invalid response from the upstream server.
503 Service Unavailable Service unavailable, usually due to overload or maintenance.
504 Gateway Timeout The gateway did not receive a timely response from the upstream server.
505 HTTP Version Not Supported The HTTP version used in the request is not supported.
506 Variant Also Negotiates Server configuration error leading to content negotiation loop.
507 Insufficient Storage Insufficient storage space on the server (WebDAV).
508 Loop Detected Loop detected in requests (WebDAV).
510 Not Extended The server requires further extensions to the request.
511 Network Authentication Required Network authentication required (e.g., Wi-Fi login authentication).

4

AppendixWhile organizing and summarizing HTTP status codes, I came across two interesting websites to share. Looking at these is much more engaging than just reading about HTTP status codes.Article Title: The Correct Way for Girls to Speak Like HTTP Status CodesThe article correlates various HTTP status codes with phrases girls might say, making it vivid and interesting. After reading, I can only say that my strange knowledge has increased, and upon reflection, it makes sense, but I can’t look at HTTP status codes the same way anymore, haha~Article Linkhttps://blog.wolfyang.fan/posts/girl-talk-like-http-status-code-guide/Article from the blog `Little Wolf Yang Fan`, blog homepage:https://wolfyang.fanWebsite: HTTP CatsThis site pairs each HTTP status code with various cat images, in all sorts of styles, some of which are quite bold. It also provides direct links to the images, and clicking on the status code will show an overview of the corresponding status code and a link to MDN. One downside is that it does not support Chinese, so I have been thinking about replicating a Chinese version with my favorite images, which should be quite fun.Website Link:https://http.cat/This site is an open-source project on GitHub. Those interested can fork it for research, and if you find it interesting, don’t forget to give it a star to support these fun projects.

Leave a Comment