Html Httpmessages
# Understanding HTTP Status Messages
When a web browser (client) requests a page or service from a web server, the server responds with a status code and a corresponding message. These HTTP status messages indicate whether the request was successful, if a redirection is required, or if an error occurred on either the client or server side.
This reference guide provides a comprehensive list of HTTP status codes categorized by their functional groups, along with detailed explanations of their meanings and typical use cases.
---
## HTTP Status Code Categories
HTTP status codes are three-digit integers divided into five distinct classes. The first digit of the status code defines the class of response:
* **`1xx` (Informational):** The request was received, and the process is continuing.
* **`2xx` (Successful):** The action was successfully received, understood, and accepted.
* **`3xx` (Redirection):** Further action must be taken in order to complete the request.
* **`4xx` (Client Error):** The request contains bad syntax or cannot be fulfilled.
* **`5xx` (Server Error):** The server failed to fulfill an apparently valid request.
---
## 1xx: Informational Responses
These status codes indicate a provisional response. The client should continue with its request or ignore the response if it has already finished.
| Status Code & Message | Description |
| :--- | :--- |
| **100 Continue** | The server has received the initial part of the request. If the request has not been rejected, the client should continue sending the remaining part of the request. |
| **101 Switching Protocols** | The server understands and agrees to comply with the client's request (via the `Upgrade` header) to switch to a different protocol (e.g., switching from HTTP/1.1 to WebSocket). |
| **103 Checkpoint** | Used in resumption proposals to resume aborted PUT or POST requests. |
---
## 2xx: Success Responses
These status codes indicate that the client's request was successfully received, understood, and accepted by the server.
| Status Code & Message | Description |
| :--- | :--- |
| **200 OK** | The standard response for successful HTTP requests. The actual response content depends on the request method used (e.g., GET, POST). |
| **201 Created** | The request has been fulfilled, resulting in the creation of a new resource. |
| **202 Accepted** | The request has been accepted for processing, but the processing has not been completed. This is typically used for asynchronous or batch operations. |
| **203 Non-Authoritative Information** | The server successfully processed the request, but is returning information that may be from another source (e.g., a caching proxy) rather than the origin server. |
| **204 No Content** | The server successfully processed the request, but is not returning any content. The browser should keep displaying its current document. This is useful for analytics tracking or when a servlet determines the client's view does not need to change. |
| **205 Reset Content** | The server successfully processed the request but is not returning any content. Unlike `204`, this response requires the client to reset the document view (e.g., clearing a form input). |
| **206 Partial Content** | The server is delivering only part of the resource due to a range header sent by the client (used for paused/resumed downloads or streaming). |
---
## 3xx: Redirection Responses
These status codes indicate that the user agent needs to take further action, such as redirecting to a different URL, to complete the request.
| Status Code & Message | Description |
| :--- | :--- |
| **300 Multiple Choices** | Indicates multiple options for the resource that the client may follow (e.g., different file formats or language translations). |
| **301 Moved Permanently** | The requested resource has been permanently assigned a new URI. Any future references to this resource should use one of the returned URIs. |
| **302 Found** | The requested resource resides temporarily under a different URI. Since the redirection might be altered, the client should continue to use the original URI for future requests. |
| **303 See Other** | The response to the request can be found under a different URI and should be retrieved using a GET method on that resource. |
| **304 Not Modified** | Indicates that the resource has not been modified since the version specified by the client's conditional request headers (e.g., `If-Modified-Since`). The client can use its cached version. |
| **305 Use Proxy** | The requested resource must be accessed through the proxy specified in the `Location` header. |
| **306 Switch Proxy** | *No longer used.* This code was used in previous specifications but is now reserved. |
| **307 Temporary Redirect** | The requested resource resides temporarily under a different URI. The client must use the original URI for future requests, but unlike `302`, the request method must not be changed (e.g., POST must remain POST). |
| **308 Resume Incomplete** | Used in resumption proposals to resume aborted PUT or POST requests. |
---
## 4xx: Client Error Responses
These status codes indicate that there was an error with the request, often due to client-side issues such as bad syntax, unauthorized access, or requesting a non-existent resource.
| Status Code & Message | Description |
| :--- | :--- |
| **400 Bad Request** | The server cannot process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing). |
| **401 Unauthorized** | The request requires user authentication. The client must authenticate itself to get the requested response. |
| **402 Payment Required** | Reserved for future use. Originally created to be used in digital payment systems, but rarely used today. |
| **403 Forbidden** | The client does not have access rights to the content. Unlike `401`, the client's identity is known to the server, but they are not authorized to view the resource. |
| **404 Not Found** | The server cannot find the requested resource. This is the most famous error code on the web. |
| **405 Method Not Allowed** | The request method (e.g., GET, POST, DELETE) is known by the server but is not supported by the target resource. |
| **406 Not Acceptable** | The server cannot produce a response matching the list of acceptable values defined in the client's `Accept` headers. |
| **407 Proxy Authentication Required** | Similar to `401`, but authentication must be completed through a proxy server first. |
| **408 Request Timeout** | The server timed out waiting for the request from the client. |
| **409 Conflict** | The request could not be completed due to a conflict with the current state of the target resource (e.g., edit conflicts). |
| **410 Gone** | The requested resource is no longer available on the server and no forwarding address is known. This is a permanent condition. |
| **411 Length Required** | The server refuses to accept the request without a defined `Content-Length` header. |
| **412 Precondition Failed** | One or more preconditions specified in the client's request headers evaluated to false on the server. |
| **413 Request Entity Too Large** | The server refuses to process the request because the request payload is larger than the server is willing or able to process. |
| **414 Request-URI Too Long** | The URI requested by the client is longer than the server is willing to interpret. This often happens when a POST request is improperly converted to a GET request with long query parameters. |
| **415 Unsupported Media Type** | The media format of the requested data is not supported by the server. |
| **416 Requested Range Not Satisfiable** | The range specified by the `Range` header in the request cannot be fulfilled (e.g., the client requested a byte range beyond the end of the file). |
| **417 Expectation Failed** | The expectation given in the request's `Expect` header field could not be met by the server. |
---
## 5xx: Server Error Responses
These status codes indicate that the server is aware it has erred or is incapable of performing the request.
| Status Code & Message | Description |
| :--- | :--- |
| **500 Internal Server Error** | A generic error message returned when the server encounters an unexpected condition that prevents it from fulfilling the request. |
| **501 Not Implemented** | The server does not support the functionality required to fulfill the request (e.g., the server does not recognize the request method). |
| **502 Bad Gateway** | The server, while acting as a gateway or proxy, received an invalid response from the upstream server it accessed while attempting to fulfill the request. |
| **503 Service Unavailable** | The server is currently unable to handle the request due to temporary overloading or maintenance of the server. |
| **504 Gateway Timeout** | The server, while acting as a gateway or proxy, did not receive a timely response from the upstream server. |
| **505 HTTP Version Not Supported** | The server does not support the HTTP protocol version that was used in the request. |
| **511 Network Authentication Required** | The client needs to authenticate to gain network access (e.g., accepting terms on a public Wi-Fi hotspot portal). |
---
## Developer Considerations & Best Practices
When building web applications, APIs, or configuring web servers, keep the following best practices in mind:
1. **Use the Correct Status Code:** Do not return a `200 OK` status code if the response body contains an error message (e.g., `{"error": "Not Found"}`). Use `404 Not Found` instead. This ensures search engine crawlers, proxies, and API clients handle the response correctly.
2. **Handle Redirections Carefully:** Use `301 Moved Permanently` only when a URL change is permanent. Search engines transfer SEO link equity based on this code. For temporary changes, use `302 Found` or `307 Temporary Redirect`.
3. **Provide Clear Error Payloads:** When returning `4xx` or `5xx` errors in APIs, include a JSON payload explaining the error details to help frontend developers debug the issue.
```json
{
"status": 400,
"error": "Bad Request",
"message": "The 'email' field is required and must be a valid email address."
}
```
4. **Graceful Degradation:** Ensure your frontend application is built to handle common status codes (like `401 Unauthorized` to redirect to a login page, or `503 Service Unavailable` to show a friendly maintenance screen).
YouTip