Deciphering HTTP Status Codes
When you give out or ask for a Web address, you probably start with the letters “www” (indicating “World Wide Web”) rather than the actual first letters of the address, which are generally “HTTP” (HyperText Transfer Protocol). Thanks to updates to the domain creation process, most modern browsers have eliminated the need to enter these letters when entering an address (and some browsers even eliminate the need to enter “www,” requiring only the domain name or part of the domain name to do an automatic search). But even if you don’t bother with the letters “HTTP” at the beginning of your URL (Uniform Resource Locator), you’ve no doubt seen them, and perhaps even wondered about their function.
The HyperText Transfer Protocol is the process used by client computers to communicate with servers on the Internet. When a client computer (e.g., yours) sends a request to a server to access a Web page, the request is usually delivered via HTTP. The server then responds to the client machine with a code, any related information, and, assuming everything goes well, the requested content.
The codes themselves are arranged into five groups, based on their content: Informational (basic information about request processing), Successful (confirmation that requests were received, as well as related requests from the server), Redirection (responses involving content that’s been moved, either temporarily or permanently), Client Error (client sent a faulty request, has requested incompatible information, or simply requested content that doesn’t exist), and Server Error (the server encountered internal difficulties handling the request). Each of these groups contains several individual codes, each with its own meaning:
Part of a request (usually the first) has been received without issues. The rest of the request can now be sent.
Not all servers and clients use HTTP 1.1 as their standard protocol. If the server makes a change to another protocol type, this code is sent.
The most common status code by far. The request has been understood, and is being processed.
This code indicates that the request was successful, and based on the request, new content (e.g., a new page) has been created.
The server understands this request, and has accepted it for processing. However, it may be queued instead of being processed immediately.
Identical to the 200 code; however, a 203 means the requested information is being provided by a third-party server instead of the server itself.
The request was successful, but there’s no data to return (often used with deletion requests, i.e., the server reports that the file marked for deletion was successfully deleted, but there’s no actual information to return or message to display).
This code is a request from the server to reset a document or other content. If, for example, you fill out a registration form and submit it, one of the codes sent back by the server will be 205, asking your browser to reset the form (giving you a visual indication that the form was successfully submitted, along with any actual message indicating success you might see).
If the client requests only part of a document (the current time or weather a Web page, based on your location, for example), the server will return a 206, along with the requested content.
This code indicates a resource has moved. A list of available locations will be sent along with this code, from which the user can select the correct option.
A 301 tells the client that a resource has moved, along with its new location. It also instructs the client to use the new URL when accessing this content in the future.
This status code indicates the requested resource has moved to a new location temporarily, and provides the new location. It also instructs the client to continue using the current URL to access the content.
Similar to a 301, a 303 does not indicate that anything has moved, but instead merely specifies the exact location at which the requested content may be found.
The 304 helps speed things along when you’re browsing by serving up content only if it’s been updated. If, for example, you are browsing a site, and visit the same page multiple times, the client will send a request to the server asking if the content on the page has been updated. If it hasn’t, a 304 tells your browser just to load the same page from its local cache.
A 305 code tells the client a proxy (identified in the response) is required to access the requested content.
A code of 307 is a more specific version of the 302 code. It identifies resources that have moved temporarily, as well as the new URL at which they may be found.
The server did not understand the client’s request, due to bad syntax.
A 401 indicates the client requires server authorization to access the requested content. If you’ve ever tried to access password-protected content without a password, you’ve probably seen a 401.
This code is listed as “reserved for future use.”
A 403 means access to the requested content is forbidden to the client, either because the incorrect username and password were entered, or because the server’s own permissions don’t allow it.
The (in)famous 404 status code, so familiar to frustrated browsers across the Internet, means the requested content was not found, and the server doesn’t know how long it will be unavailable.
405—Method Not Allowed
The client has attempted to use a request method not permitted by the server. The server will reply with request methods that are allowed (e.g., POST and GET).
A 406 code indicates that although the server was able to understand and process the request, its response is in a format the client cannot understand. This is determined by the headers sent by the client, which contain the types of content it can understand.
407—Proxy Authentication Required
Similar to a 401 status code, a 407 indicates the client must be authorized by the indicated proxy before they can access the requested content.
A 408 code indicates the client did not produce a request quickly enough. Servers wait only a specific amount of time for client responses, and a 408 means that time’s up.
A 409 status code means the server could not complete the request because a document that requires modification or deletion could not be accessed or changed.
This code, like the 404, indicates a resource is gone. However, unlike a 404, this code indicates that the content is gone for good, and no new URL can be found for it.
A 411 is returned when no length is specified for content, and the server consequently refuses to process the request.
A 412 code indicates the failure of one of the client request’s conditions.
413—Request Entity Too Large
The requested content is larger than the server can handle, either due to physical constraints or to the server’s settings. This often occurs when a file is sent using the POST method from a form, and the file size is larger than maximum specified in the server’s settings.
414—Request URL Too Long
A 414 indicates the the requested URL was longer than the server can process.
415—Unsupported Media Type
The server sends a 415 status code when part of the client request uses an unsupported format.
416—Requested Range Not Satisfiable
A 416 indicates the server cannot fulfill the request, usually because the request specifies an inaccessible or non-extant part of a document.
When one of the headers sent by the client to the server, the “Expect” header, cannot be fulfilled by the server, a 417 is returned to the client.
500—Internal Server Error
As many a developer could tell you, a 500 code means the server encountered something unexpected in the request and was unable to complete it as a result.
A 501 status code means the server cannot support all the processes necessary to complete the request as submitted.
If a server is acting as a proxy and receives a response it determines to be invalid, it will send a 502 status code to the client.
The bane of anyone trying to access a busy server, a 503 indicates the server is overloaded and cannot complete the request.
A 504 code indicates a proxy server has waited too long for a response from another server higher up in the request chain.
505—HTTP Version Not Supported
A 505 status code indicates the HTTP version used to make the request is not supported by the server. It also returns a list of which HTTP versions are supported.
Although most of these codes are invisible to the client, and with good reason—there would probably be an Internet uprising if users had to sit through pages of machine chit-chat before they could log into Facebook or send an email—most of us have encountered the dreaded 404 and 503 at least once in our browsing lives. Whether you’re a seasoned webmaster or a relative greenhorn on the wide prairies of the “Wild, Wild Web,” understanding what HTTP status codes are, and what they do, can help you navigate the electronic highways and byways more easily.