only for RuBoard - do not distribute or recompile Previous Section Next Section

1.4 Server Response Codes

The initial line of the server's response indicates the HTTP version, a three-digit status code, and a human-readable description of the result. Status codes are grouped as follows:

Code Range

Response Meaning




Client request successful


Client request redirected, further action necessary


Client request incomplete


Server errors

HTTP defines only a few specific codes in each range, although these ranges will become more populated as HTTP evolves.

If a client receives a response code that it does not recognize, it should understand its basic meaning from its numerical range. While most web browsers handle codes in the 100, 200, and 300 ranges silently, some error codes in the 400 and 500 ranges are commonly reported back to the user (e.g., "404 Not Found").

1.4.1 Informational (100 Range)

Previous to HTTP 1.1, the 100 range of status codes was left undefined. In HTTP 1.1, the 100 range was defined for the server to declare that it is ready for the client to continue with a request, or to declare that it will be switching to another protocol.

The status codes currently defined are:



100 Continue

The initial part of the request has been received, and the client may continue with its request.

101 Switching Protocols

The server is complying with a client request to switch protocols to the one specified in the Upgrade header field.

1.4.2 Client Request Successful (200 Range)

The most common response for a successful HTTP transaction is 200 (OK), indicating that the client's request was successful, and the server's response contains the request data. If the request was a GET method, the requested information is returned in the response data section. The HEAD method is honored by returning header information about the URL. The POST method is honored by executing the POST data handler and returning a resulting entity-body.

The following is a complete list of successful response codes:



200 OK

The client's request was successful, and the server's response contains the requested data.

201 Created

This status code is used whenever a new URL is created. With this result code, the Location header is given by the server to specify where the new data was placed.

202 Accepted

The request was accepted but not immediately acted upon. More information about the transaction may be given in the entity-body of the server's response. There is no guarantee that the server will actually honor the request, even though it may seem like a legitimate request at the time of acceptance.

203 Non-Authoritative Information

The information in the entity header is from a local or third-party copy, not from the original server.

204 No Content

A status code and header are given in the response, but there is no entity-body in the reply. Browsers should not update their document view upon receiving this response. This is a useful code for CGI programs to use when they accept data from a form but want the browser view to stay at the form.

205 Reset Content

The browser should clear the form used for this transaction for additional input. For data-entry CGI applications.

206 Partial Content

The server is returning partial data of the size requested. Used in response to a request specifying a Range header. The server must specify the range included in the response with the Content-Range header.

1.4.3 Redirection (300 Range)

When a document has moved, the server might be configured to tell clients where it has been moved. Clients can then retrieve the new URL silently, without the user knowing. Presumably the client may want to know whether the move is a permanent one or not, so there are a few common response codes for moved documents: 301 (Moved Permanently), 302 (Found), and 307 (Temporary Redirect).

Ideally, a 301 code would indicate to the client that, from now on, requests for this URL should be sent directly to the new one, thus avoiding unnecessary transactions in the future. Think of it like a change of address card from a friend; the post office is nice enough to forward your mail to your friend's new address for the next year, but it's better to get used to the new address so your mail will get to her faster, and won't start getting returned someday.

A 302 or 307 code, on the other hand, just says that the document has moved but will return. If a 301 is a change of address card, a 302 or 307 is a note on your friend's door saying she's gone to the movies. Either way, the client should request the new URL specified by the server in the Location header, but continue to go to the original URL in the future.

The following is a complete list of redirection status codes:



300 Multiple Choices

The requested URL refers to more than one resource. For example, the URL could refer to a document that has been translated into many languages. The entity-body returned by the server could have a list of more specific data about how to choose the correct resource. The client should allow the user to select from the list of URLs returned by the server, where appropriate.

301 Moved Permanently

The requested URL is no longer used by the server, and the operation specified in the request was not performed. The new location for the requested document is specified in the Location header. All future requests for the document should use the new URL.

302 Found

This status code is deprecated, and serves the same purpose as status code 307.

303 See Other

The requested URL can be found at a different URL (specified in the Location header) and should be retrieved by a GET on that resource.

304 Not Modified

This is the response code to an If-Modified-Since or If-None-Match header, where the URL has not been modified since the specified date. The entity-body is not sent, and the client should use its own local copy.

305 Use Proxy

The requested URL must be accessed through the proxy in the Location header.

307 Moved Temporarily

The requested URL has moved, but only temporarily. The Location header specifies the new location, but no information is given about the validity of the redirect in the future. The client should revisit the original URL in the future.

1.4.4 Client Request Incomplete (400 Range)

Sometimes the server just can't process the request. Either something was wrong with the document or with the request itself. By far, the server status code that web users are most familiar with is 404 (Not Found), the code returned when the requested document does not exist. This isn't because it's the most common code that servers return, but because it's one of the few codes that the client passes to the user rather than intercepting and handling it in its own way.

For example, when the server sends a 401 (Unauthorized) code, the client does not pass the code directly to the user. Instead, it triggers the client to prompt the user for a username and password, and then resend the request with that information supplied. With the 401 status code, the server supplies the WWW-Authenticate header to specify the authentication scheme and realm it needs authorization for, and the client returns the username and password for that scheme and realm in the Authorization header.

When testing clients you have written yourself, watch out for code 400 (Bad Request), indicating a syntax error in your client's request, and code 405 (Method Not Allowed), which declares that the method the client used for the document is not valid. (Along with the 405 code, the server sends an Allow header, listing the accepted methods for the document.)

The 408 (Request Time-out) code means that the client's request wasn't completed, and the server gave up waiting for the client to finish. A client might receive this code if it did not supply the entity-body properly, or (under HTTP 1.1) if it neglected to supply a Connection: Close header.

The following is a complete listing of status codes implying that the client's request was faulty:



400 Bad Request

This response code indicates that the server detected a syntax error in the client's request.

401 Unauthorized

The result code is given along with the WWW-Authenticate header to indicate that the request lacked proper authorization, and the client should supply proper authorization when requesting this URL again. See the description of the Authorization header for more information on how authorization works in HTTP.

402 Payment Required

This code is not yet implemented in HTTP.

403 Forbidden

The request was denied for a reason the server does not want to (or has no means to) indicate to the client.

404 Not Found

The document at the specified URL does not exist.

405 Method Not Allowed

This code is given with the Allow header and indicates that the method used by the client is not supported for this URL.

406 Not Acceptable

The URL specified by the client exists, but not in a format preferred by the client. Along with this code, the server provides the Content-Language, Content-Encoding, and Content-type headers.

407 Proxy Authentication Required

The proxy server needs to authorize the request before forwarding it. Used with the Proxy-Authenticate header.

408 Request Time-out

This response code means the client did not produce a full request within some predetermined time (usually specified in the server's configuration), and the server is disconnecting the network connection.

409 Conflict

This code indicates that the request conflicts with another request or with the server's configuration. Information about the conflict should be returned in the data portion of the reply. For example, this response code could be given when a client's request would cause integrity problems in a database.

410 Gone

This code indicates that the requested URL no longer exists and has been permanently removed from the server.

411 Length Required

The server will not accept the request without a Content-length header supplied in the request.

412 Precondition Failed

The condition specified by one or more If... headers in the request evaluated to false.

413 Request Entity Too Large

The server will not process the request because its entity-body is too large.

414 Request URL Too Long

The server will not process the request because its request URL is too large.

415 Unsupported Media Type

The server will not process the request because its entity-body is in an unsupported format.

416 Request Range Not Satisfiable

The requested byte range is not available and is out of bounds.

417 Expectation Failed

The server is unable to meet the demands of the Expect header given by the client.

1.4.5 Server Error (500 Range)

Occasionally, the error might be with the server itself—or, more commonly, with the CGI portion of the server. CGI programmers are painfully familiar with the 500 (Internal Server Error) code, which frequently means that their program crashed. One error that client programmers should pay attention to is 503 (Service Unavailable), which means that their request cannot be performed right now, but the Retry-After header (if supplied) indicates when the client might try again.

The following is a complete listing of response codes implying a server error:



500 Internal Server Error

This code indicates that a part of the server (for example, a CGI program) has crashed or encountered a configuration error.

501 Not Implemented

This code indicates that the client requested an action that cannot be performed by the server.

502 Bad Gateway

This code indicates that the server (or proxy) encountered invalid responses from another server (or proxy).

503 Service Unavailable

This code means that the service is temporarily unavailable, but should be restored in the future. If the server knows when it will be available again, a Retry-After header may also be supplied.

504 Gateway Time-out

This response is like 408 (Request Time-out) except that a gateway or proxy has timed out.

505 HTTP Version Not Supported

The server will not support the HTTP protocol version used in the request.

only for RuBoard - do not distribute or recompile Previous Section Next Section