449 ошибка http

HTTP response status code 449 Retry With is an unofficial client error specific to the Microsoft IIS web server and is returned to indicate that the server can not satisfy the request because the user has not provided the required information.

Usage

When the 449 Retry With status code is received, the client must determine what information is required and reformulate the request accordingly before retrying.

Takeaway

The 449 Retry With status code is a client error that is sent by the server when the client has not supplied all of the information required to complete the request.

See also

• Microsoft Open Specifications

From Wikipedia, the free encyclopedia

This is a list of Hypertext Transfer Protocol (HTTP) response status codes. Status codes are issued by a server in response to a client’s request made to the server. It includes codes from IETF Request for Comments (RFCs), other specifications, and some additional codes used in some common applications of the HTTP. The first digit of the status code specifies one of five standard classes of responses. The optional message phrases shown are typical, but any human-readable alternative may be provided, or none at all.

Unless otherwise stated, the status code is part of the HTTP standard (RFC 9110).

The Internet Assigned Numbers Authority (IANA) maintains the official registry of HTTP status codes.^[1]

All HTTP response status codes are separated into five classes or categories. The first digit of the status code defines the class of response, while the last two digits do not have any classifying or categorization role. There are five classes defined by the standard:

• 1xx informational response – the request was received, continuing process
• 2xx successful – the request was successfully received, understood, and accepted
• 3xx redirection – further action needs to be taken in order to complete the request
• 4xx client error – the request contains bad syntax or cannot be fulfilled
• 5xx server error – the server failed to fulfil an apparently valid request

1xx informational response

An informational response indicates that the request was received and understood. It is issued on a provisional basis while request processing continues. It alerts the client to wait for a final response. The message consists only of the status line and optional header fields, and is terminated by an empty line. As the HTTP/1.0 standard did not define any 1xx status codes, servers must not^{[note 1]} send a 1xx response to an HTTP/1.0 compliant client except under experimental conditions.

100 Continue

The server has received the request headers and the client should proceed to send the request body (in the case of a request for which a body needs to be sent; for example, a POST request). Sending a large request body to a server after a request has been rejected for inappropriate headers would be inefficient. To have a server check the request’s headers, a client must send Expect: 100-continue as a header in its initial request and receive a 100 Continue status code in response before sending the body. If the client receives an error code such as 403 (Forbidden) or 405 (Method Not Allowed) then it should not send the request’s body. The response 417 Expectation Failed indicates that the request should be repeated without the Expect header as it indicates that the server does not support expectations (this is the case, for example, of HTTP/1.0 servers).^[2]

101 Switching Protocols

The requester has asked the server to switch protocols and the server has agreed to do so.

102 Processing (WebDAV; RFC 2518)

A WebDAV request may contain many sub-requests involving file operations, requiring a long time to complete the request. This code indicates that the server has received and is processing the request, but no response is available yet. ^[3] This prevents the client from timing out and assuming the request was lost. The status code is deprecated.^[4]

103 Early Hints (RFC 8297)

Used to return some response headers before final HTTP message.^[5]

2xx success

This class of status codes indicates the action requested by the client was received, understood, and accepted.^[1]

200 OK

Standard response for successful HTTP requests. The actual response will depend on the request method used. In a GET request, the response will contain an entity corresponding to the requested resource. In a POST request, the response will contain an entity describing or containing the result of the action.

201 Created

The request has been fulfilled, resulting in the creation of a new resource.^[6]

202 Accepted

The request has been accepted for processing, but the processing has not been completed. The request might or might not be eventually acted upon, and may be disallowed when processing occurs.

203 Non-Authoritative Information (since HTTP/1.1)

The server is a transforming proxy (e.g. a Web accelerator) that received a 200 OK from its origin, but is returning a modified version of the origin’s response.^[7][8]

204 No Content

The server successfully processed the request, and is not returning any content.

205 Reset Content

The server successfully processed the request, asks that the requester reset its document view, and is not returning any content.

206 Partial Content

The server is delivering only part of the resource (byte serving) due to a range header sent by the client. The range header is used by HTTP clients to enable resuming of interrupted downloads, or split a download into multiple simultaneous streams.

207 Multi-Status (WebDAV; RFC 4918)

The message body that follows is by default an XML message and can contain a number of separate response codes, depending on how many sub-requests were made.^[9]

208 Already Reported (WebDAV; RFC 5842)

The members of a DAV binding have already been enumerated in a preceding part of the (multistatus) response, and are not being included again.

226 IM Used (RFC 3229)

The server has fulfilled a request for the resource, and the response is a representation of the result of one or more instance-manipulations applied to the current instance.^[10]

3xx redirection

This class of status code indicates the client must take additional action to complete the request. Many of these status codes are used in URL redirection.^[1]

A user agent may carry out the additional action with no user interaction only if the method used in the second request is GET or HEAD. A user agent may automatically redirect a request. A user agent should detect and intervene to prevent cyclical redirects.^[11]

300 Multiple Choices

Indicates multiple options for the resource from which the client may choose (via agent-driven content negotiation). For example, this code could be used to present multiple video format options, to list files with different filename extensions, or to suggest word-sense disambiguation.

301 Moved Permanently

This and all future requests should be directed to the given URI.

302 Found (Previously «Moved temporarily»)

Tells the client to look at (browse to) another URL. The HTTP/1.0 specification (RFC 1945) required the client to perform a temporary redirect with the same method (the original describing phrase was «Moved Temporarily»),^[12] but popular browsers implemented 302 redirects by changing the method to GET. Therefore, HTTP/1.1 added status codes 303 and 307 to distinguish between the two behaviours.^[11]

303 See Other (since HTTP/1.1)

The response to the request can be found under another URI using the GET method. When received in response to a POST (or PUT/DELETE), the client should presume that the server has received the data and should issue a new GET request to the given URI.

304 Not Modified

Indicates that the resource has not been modified since the version specified by the request headers If-Modified-Since or If-None-Match. In such case, there is no need to retransmit the resource since the client still has a previously-downloaded copy.

305 Use Proxy (since HTTP/1.1)

The requested resource is available only through a proxy, the address for which is provided in the response. For security reasons, many HTTP clients (such as Mozilla Firefox and Internet Explorer) do not obey this status code.

306 Switch Proxy

No longer used. Originally meant «Subsequent requests should use the specified proxy.»

307 Temporary Redirect (since HTTP/1.1)

In this case, the request should be repeated with another URI; however, future requests should still use the original URI. In contrast to how 302 was historically implemented, the request method is not allowed to be changed when reissuing the original request. For example, a POST request should be repeated using another POST request.

308 Permanent Redirect

This and all future requests should be directed to the given URI. 308 parallel the behaviour of 301, but does not allow the HTTP method to change. So, for example, submitting a form to a permanently redirected resource may continue smoothly.

4xx client errors

This class of status code is intended for situations in which the error seems to have been caused by the client. Except when responding to a HEAD request, the server should include an entity containing an explanation of the error situation, and whether it is a temporary or permanent condition. These status codes are applicable to any request method. User agents should display any included entity to the user.

400 Bad Request

The server cannot or will not process the request due to an apparent client error (e.g., malformed request syntax, size too large, invalid request message framing, or deceptive request routing).

401 Unauthorized

Similar to 403 Forbidden, but specifically for use when authentication is required and has failed or has not yet been provided. The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource. See Basic access authentication and Digest access authentication. 401 semantically means «unauthorised», the user does not have valid authentication credentials for the target resource.

Some sites incorrectly issue HTTP 401 when an IP address is banned from the website (usually the website domain) and that specific address is refused permission to access a website.^{[citation needed]}

402 Payment Required

Reserved for future use. The original intention was that this code might be used as part of some form of digital cash or micropayment scheme, as proposed, for example, by GNU Taler,^[14] but that has not yet happened, and this code is not widely used. Google Developers API uses this status if a particular developer has exceeded the daily limit on requests.^[15] Sipgate uses this code if an account does not have sufficient funds to start a call.^[16] Shopify uses this code when the store has not paid their fees and is temporarily disabled.^[17] Stripe uses this code for failed payments where parameters were correct, for example blocked fraudulent payments.^[18]

403 Forbidden

The request contained valid data and was understood by the server, but the server is refusing action. This may be due to the user not having the necessary permissions for a resource or needing an account of some sort, or attempting a prohibited action (e.g. creating a duplicate record where only one is allowed). This code is also typically used if the request provided authentication by answering the WWW-Authenticate header field challenge, but the server did not accept that authentication. The request should not be repeated.

404 Not Found

The requested resource could not be found but may be available in the future. Subsequent requests by the client are permissible.

405 Method Not Allowed

A request method is not supported for the requested resource; for example, a GET request on a form that requires data to be presented via POST, or a PUT request on a read-only resource.

406 Not Acceptable

The requested resource is capable of generating only content not acceptable according to the Accept headers sent in the request. See Content negotiation.

407 Proxy Authentication Required

The client must first authenticate itself with the proxy.

408 Request Timeout

The server timed out waiting for the request. According to HTTP specifications: «The client did not produce a request within the time that the server was prepared to wait. The client MAY repeat the request without modifications at any later time.»

409 Conflict

Indicates that the request could not be processed because of conflict in the current state of the resource, such as an edit conflict between multiple simultaneous updates.

410 Gone

Indicates that the resource requested was previously in use but is no longer available and will not be available again. This should be used when a resource has been intentionally removed and the resource should be purged. Upon receiving a 410 status code, the client should not request the resource in the future. Clients such as search engines should remove the resource from their indices. Most use cases do not require clients and search engines to purge the resource, and a «404 Not Found» may be used instead.

411 Length Required

The request did not specify the length of its content, which is required by the requested resource.

412 Precondition Failed

The server does not meet one of the preconditions that the requester put on the request header fields.

413 Payload Too Large

The request is larger than the server is willing or able to process. Previously called «Request Entity Too Large» in RFC 2616.^[19]

414 URI Too Long

The URI provided was too long for the server to process. Often the result of too much data being encoded as a query-string of a GET request, in which case it should be converted to a POST request. Called «Request-URI Too Long» previously in RFC 2616.^[20]

415 Unsupported Media Type

The request entity has a media type which the server or resource does not support. For example, the client uploads an image as image/svg+xml, but the server requires that images use a different format.

416 Range Not Satisfiable

The client has asked for a portion of the file (byte serving), but the server cannot supply that portion. For example, if the client asked for a part of the file that lies beyond the end of the file. Called «Requested Range Not Satisfiable» previously RFC 2616.^[21]

417 Expectation Failed

The server cannot meet the requirements of the Expect request-header field.^[22]

418 I’m a teapot (RFC 2324, RFC 7168)

This code was defined in 1998 as one of the traditional IETF April Fools’ jokes, in RFC 2324, Hyper Text Coffee Pot Control Protocol, and is not expected to be implemented by actual HTTP servers. The RFC specifies this code should be returned by teapots requested to brew coffee.^[23] This HTTP status is used as an Easter egg in some websites, such as Google.com’s «I’m a teapot» easter egg.^[24][25][26] Sometimes, this status code is also used as a response to a blocked request, instead of the more appropriate 403 Forbidden.^[27][28]

421 Misdirected Request

The request was directed at a server that is not able to produce a response (for example because of connection reuse).

422 Unprocessable Entity

The request was well-formed but was unable to be followed due to semantic errors.^[9]

423 Locked (WebDAV; RFC 4918)

The resource that is being accessed is locked.^[9]

424 Failed Dependency (WebDAV; RFC 4918)

The request failed because it depended on another request and that request failed (e.g., a PROPPATCH).^[9]

425 Too Early (RFC 8470)

Indicates that the server is unwilling to risk processing a request that might be replayed.

426 Upgrade Required

The client should switch to a different protocol such as TLS/1.3, given in the Upgrade header field.

428 Precondition Required (RFC 6585)

The origin server requires the request to be conditional. Intended to prevent the ‘lost update’ problem, where a client GETs a resource’s state, modifies it, and PUTs it back to the server, when meanwhile a third party has modified the state on the server, leading to a conflict.^[29]

429 Too Many Requests (RFC 6585)

The user has sent too many requests in a given amount of time. Intended for use with rate-limiting schemes.^[29]

431 Request Header Fields Too Large (RFC 6585)

The server is unwilling to process the request because either an individual header field, or all the header fields collectively, are too large.^[29]

451 Unavailable For Legal Reasons (RFC 7725)

A server operator has received a legal demand to deny access to a resource or to a set of resources that includes the requested resource.^[30] The code 451 was chosen as a reference to the novel Fahrenheit 451 (see the Acknowledgements in the RFC).

5xx server errors

The server failed to fulfil a request.

Response status codes beginning with the digit «5» indicate cases in which the server is aware that it has encountered an error or is otherwise incapable of performing the request. Except when responding to a HEAD request, the server should include an entity containing an explanation of the error situation, and indicate whether it is a temporary or permanent condition. Likewise, user agents should display any included entity to the user. These response codes are applicable to any request method.

500 Internal Server Error

A generic error message, given when an unexpected condition was encountered and no more specific message is suitable.

501 Not Implemented

The server either does not recognize the request method, or it lacks the ability to fulfil the request. Usually this implies future availability (e.g., a new feature of a web-service API).

502 Bad Gateway

The server was acting as a gateway or proxy and received an invalid response from the upstream server.

503 Service Unavailable

The server cannot handle the request (because it is overloaded or down for maintenance). Generally, this is a temporary state.^[31]

504 Gateway Timeout

The server was acting as a gateway or proxy and did not receive a timely response from the upstream server.

505 HTTP Version Not Supported

The server does not support the HTTP version used in the request.

506 Variant Also Negotiates (RFC 2295)

Transparent content negotiation for the request results in a circular reference.^[32]

507 Insufficient Storage (WebDAV; RFC 4918)

The server is unable to store the representation needed to complete the request.^[9]

508 Loop Detected (WebDAV; RFC 5842)

The server detected an infinite loop while processing the request (sent instead of 208 Already Reported).

510 Not Extended (RFC 2774)

Further extensions to the request are required for the server to fulfil it.^[33]

511 Network Authentication Required (RFC 6585)

The client needs to authenticate to gain network access. Intended for use by intercepting proxies used to control access to the network (e.g., «captive portals» used to require agreement to Terms of Service before granting full Internet access via a Wi-Fi hotspot).^[29]

Unofficial codes

The following codes are not specified by any standard.

419 Page Expired (Laravel Framework)

Used by the Laravel Framework when a CSRF Token is missing or expired.

420 Method Failure (Spring Framework)

A deprecated response used by the Spring Framework when a method has failed.^[34]

420 Enhance Your Calm (Twitter)

Returned by version 1 of the Twitter Search and Trends API when the client is being rate limited; versions 1.1 and later use the 429 Too Many Requests response code instead.^[35] The phrase «Enhance your calm» comes from the 1993 movie Demolition Man, and its association with this number is likely a reference to cannabis.^{[citation needed]}

430 Request Header Fields Too Large (Shopify)

Used by Shopify, instead of the 429 Too Many Requests response code, when too many URLs are requested within a certain time frame.^[36]

450 Blocked by Windows Parental Controls (Microsoft)

The Microsoft extension code indicated when Windows Parental Controls are turned on and are blocking access to the requested webpage.^[37]

498 Invalid Token (Esri)

Returned by ArcGIS for Server. Code 498 indicates an expired or otherwise invalid token.^[38]

499 Token Required (Esri)

Returned by ArcGIS for Server. Code 499 indicates that a token is required but was not submitted.^[38]

509 Bandwidth Limit Exceeded (Apache Web Server/cPanel)

The server has exceeded the bandwidth specified by the server administrator; this is often used by shared hosting providers to limit the bandwidth of customers.^[39]

529 Site is overloaded

Used by Qualys in the SSLLabs server testing API to signal that the site can’t process the request.^[40]

530 Site is frozen

Used by the Pantheon Systems web platform to indicate a site that has been frozen due to inactivity.^[41]

598 (Informal convention) Network read timeout error

Used by some HTTP proxies to signal a network read timeout behind the proxy to a client in front of the proxy.^[42]

599 Network Connect Timeout Error

An error used by some HTTP proxies to signal a network connect timeout behind the proxy to a client in front of the proxy.

Internet Information Services

Microsoft’s Internet Information Services (IIS) web server expands the 4xx error space to signal errors with the client’s request.

440 Login Time-out

The client’s session has expired and must log in again.^[43]

449 Retry With

The server cannot honour the request because the user has not provided the required information.^[44]

451 Redirect

Used in Exchange ActiveSync when either a more efficient server is available or the server cannot access the users’ mailbox.^[45] The client is expected to re-run the HTTP AutoDiscover operation to find a more appropriate server.^[46]

IIS sometimes uses additional decimal sub-codes for more specific information,^[47] however these sub-codes only appear in the response payload and in documentation, not in the place of an actual HTTP status code.

nginx

The nginx web server software expands the 4xx error space to signal issues with the client’s request.^[48][49]

444 No Response

Used internally^[50] to instruct the server to return no information to the client and close the connection immediately.

494 Request header too large

Client sent too large request or too long header line.

495 SSL Certificate Error

An expansion of the 400 Bad Request response code, used when the client has provided an invalid client certificate.

496 SSL Certificate Required

An expansion of the 400 Bad Request response code, used when a client certificate is required but not provided.

497 HTTP Request Sent to HTTPS Port

An expansion of the 400 Bad Request response code, used when the client has made a HTTP request to a port listening for HTTPS requests.

499 Client Closed Request

Used when the client has closed the request before the server could send a response.

Cloudflare

Cloudflare’s reverse proxy service expands the 5xx series of errors space to signal issues with the origin server.^[51]

520 Web Server Returned an Unknown Error

The origin server returned an empty, unknown, or unexpected response to Cloudflare.^[52]

521 Web Server Is Down

The origin server refused connections from Cloudflare. Security solutions at the origin may be blocking legitimate connections from certain Cloudflare IP addresses.

522 Connection Timed Out

Cloudflare timed out contacting the origin server.

523 Origin Is Unreachable

Cloudflare could not reach the origin server; for example, if the DNS records for the origin server are incorrect or missing.

524 A Timeout Occurred

Cloudflare was able to complete a TCP connection to the origin server, but did not receive a timely HTTP response.

525 SSL Handshake Failed

Cloudflare could not negotiate a SSL/TLS handshake with the origin server.

526 Invalid SSL Certificate

Cloudflare could not validate the SSL certificate on the origin web server. Also used by Cloud Foundry’s gorouter.

527 Railgun Error

Error 527 indicates an interrupted connection between Cloudflare and the origin server’s Railgun server.^[53]

530

Error 530 is returned along with a 1xxx error.^[54]

AWS Elastic Load Balancer

Amazon’s Elastic Load Balancing adds a few custom return codes

460

Client closed the connection with the load balancer before the idle timeout period elapsed. Typically when client timeout is sooner than the Elastic Load Balancer’s timeout.^[55]

463

The load balancer received an X-Forwarded-For request header with more than 30 IP addresses.^[55]

464

Incompatible protocol versions between Client and Origin server.^[55]

561 Unauthorized

An error around authentication returned by a server registered with a load balancer. You configured a listener rule to authenticate users, but the identity provider (IdP) returned an error code when authenticating the user.^[55]

Caching warning codes (obsoleted)

The following caching related warning codes were specified under RFC 7234. Unlike the other status codes above, these were not sent as the response status in the HTTP protocol, but as part of the «Warning» HTTP header.^[56][57]

Since this «Warning» header is often neither sent by servers nor acknowledged by clients, this header and its codes were obsoleted by the HTTP Working Group in 2022 with RFC 9111.^[58]

110 Response is Stale

The response provided by a cache is stale (the content’s age exceeds a maximum age set by a Cache-Control header or heuristically chosen lifetime).

111 Revalidation Failed

The cache was unable to validate the response, due to an inability to reach the origin server.

112 Disconnected Operation

The cache is intentionally disconnected from the rest of the network.

113 Heuristic Expiration

The cache heuristically chose a freshness lifetime greater than 24 hours and the response’s age is greater than 24 hours.

199 Miscellaneous Warning

Arbitrary, non-specific warning. The warning text may be logged or presented to the user.

214 Transformation Applied

Added by a proxy if it applies any transformation to the representation, such as changing the content encoding, media type or the like.

299 Miscellaneous Persistent Warning

Same as 199, but indicating a persistent warning.

See also

• Custom error pages
• List of FTP server return codes
• List of HTTP header fields
• List of SMTP server return codes
• Common Log Format

Explanatory notes

References

External links

• «RFC 9110: HTTP Semantics and Content, Section 15 «Status Codes»«.
• Hypertext Transfer Protocol (HTTP) Status Code Registry at the Internet Assigned Numbers Authority
• MDN status code reference at mozilla.org

Умные люди придумали коды, по которым можно определить, что произошло с HTTP-запросом. Успешен ли он, произошло ли перенаправление. Или же все закончилось ошибкой. Как раз об ошибках и будем говорить в этой статье. Вкратце расскажу, какие они бывают и с чем связаны. 

А еще тут будет парочка забавных (и не очень) пикч и анимаций на тему описанных ошибок. Хоть какое-то развлечение.

Ошибки со стороны клиента (4xx)

Для начала перечислим коды ошибок на стороне клиента. Вина за их появление ложится на плечи обоих участников соединения.

400 Bad Request

Такой ответ от браузера можно получить в том случае, если сервер не смог правильно отреагировать на запрос со стороны пользователя. Часто код 400 возникает при попытке клиента получить доступ к серверу без соблюдения правил оформления синтаксиса протокола передачи гипертекста (HTTP). Повторный запрос не стоит отправлять до тех пор, пока не будет исправлена ошибка (или несколько из них). 

401 Unauthorized

Код 401 возникает при попытке клиента получить доступ к серверу, используя неправильные данные для авторизации. По сути, используется, когда пользователь вводит неправильный логин и пароль на ресурсе, где требуется эта информация для входа. Читайте: Как исправить ошибку 401

402 Payment Required

Эта ошибка сообщает клиенту о том, что для успешного выполнения запроса ему необходимо оплатить доступ к серверу. Изначально код 402 должен был стать неким стандартом для цифровой валюты и оплаты контента в сети. Но не срослось. До сих пор нет единого решения по поводу того, как должны выглядеть платежи в сети. Также нет и единого решения по поводу того, как стоит использовать 402. 

Все еще считается, что код существует с расчетом на будущее. Сейчас почти не используется и поддерживается не всеми браузерами.

403 Forbidden

Почти то же, что и 401. Сервер снова не разрешает к нему подключиться, хотя с запросом все в порядке. Просто нет доступа. Причем повторная авторизация с другими логином и паролем никак не помогут. Все вопросы к владельцам сервера (но не всегда). Инструкция по устранению ошибки. 

Творчество на тему знаменитой киносаги

404 Not Found

Легендарная ошибка, ставшая популярным мемом. 404 оповещает клиента о том, что его запрос ведет в никуда. Код возникает, когда пользователь пытается попасть на страницу, которой не существует. Например, когда случайно ошибается при вводе ссылки и вводит ее с опечаткой. Или же пытается получить доступ к странице, которой на сайте уже нет. 

В отличие от других кодов, страницу с 404 частенько кастомизируют, создавая для нее уникальный дизайн. Мало того, что это выглядит симпатичнее, так еще и полезнее для посетителей. Можно прямо на странице с ошибкой разъяснить, что произошло и как дальше действовать.

И таких вариаций тысячи. Каждый пытается добавить в оформление что-то свое.

405 Method Not Allowed

405 сообщает клиенту о том, что метод, используемый при запросе, не разрешен. В качестве примера можно привести попытку со стороны клиента ввести данные в форму с помощью GET, когда она работает только с POST. Ну и в таком же духе. 

406 Not Acceptable

Ошибка 406 сообщает о том, что страница передает контент, который не может быть распознан клиентом. Возможно, проблема в методе сжатия или в формате страницы. Иногда сюда же приплетают неправильные настройки кодировки.

Этот код редко используют на практике, так как его появления можно избежать, предоставив пользователю информацию на сайте в том виде, который его браузер способен принять. Посетитель сайта по итогу получит не то, что ожидал, но хотя бы не ошибку.

407 Proxy Authentication Required

Этот код тоже похож на 401. Только на этот раз логин и пароль нужны не для основного сервера, а для прокси, который находится между клиентом и сервером. Обычно в теле ошибки содержится информация о том, как можно правильно пройти авторизацию и получить доступ к ресурсу.

408 Request Timeout

408 говорит нам о том, что сервер пожелал разорвать соединение с клиентом, потому что оно никак не используется. Происходит это в том случае, если сервер буквально устал ждать, пока наладится соединение с ним. Поэтому такую ошибку часто можно лицезреть после очень долгой и безуспешной загрузки какого-нибудь сайта. 

Многие серверы не отправляют никаких сообщений, а просто прерывают соединение по той же причине. На запрос уходит больше времени, чем на то полагается.

В Мистере Роботе частенько называли серии в честь ошибок HTTP (весь четвертый сезон в нумерации 4хх). В честь 408, например, назвали восьмую серию четвертого сезона

409 Conflict

Сообщение о конфликте возникает, когда запрос со стороны клиента не соответствует тому, чего ожидает сервер. В качестве примера приводят проблемы при проверки версий, когда пользователь пытается с помощью метода PUT загрузить на сервер новый файл, но там уже имеется более новая версия того же файла. Конфликта версий можно легко избежать, загрузив корректную версию.

410 Gone

Своего рода аналог 404. Разница лишь в том, что 410 намекает на перманентность отсутствия страницы. Так что этот код стоит использовать, когда на 100% уверен, что страница ушла в небытие (ну или с текущего адреса) навсегда. В любом другом случае есть универсальный 404. 

411 Length Required

411 оповещает пользователя о том, что сервер не желает принимать запрос со стороны клиента, потому что в нем не определен заголовок Content-Length. Да, это первый код в подборке, который смогут понять только люди, сведущие в настройке серверов. По-простому уложить сущность HTML-заголовков в этот материал не получится.

412 Precondition Failed

Еще один код, сообщающий о том, что сервер отклонил запрос пользователя и не разрешает доступ к выбранному ресурсу. Проблемы возникают при неправильной настройке работы методов, отличающихся от GET и HEAD. 

413 Payload Too Large/Request Entity Too Large

Код 413 говорит нам, что запрос, который посылает клиент на сервер, слишком большой. Поэтому сервер отказывается его обрабатывать и разрывает соединение. Обычно это происходит при попытке загрузить на ресурс какой-то файл, превышающий ограничение, выставленное в настройках сервера. Соответственно, решается проблема изменением настроек сервера. 

414 URI Too Long

Чем-то этот код похож на предыдущий. Здесь тоже идет речь о превышение лимита. Только теперь это касается не запроса со стороны клиента, а длины URI. То есть ссылки. Выходит, что адрес, используемый клиентом, больше, чем тот, что может обработать сервер. Как-то так. 

Такая ошибка иногда выскакивает при попытке взломать ресурс. Сайт так реагирует на слишком частые попытки воспользоваться потенциальными дырами в безопасности.

415 Unsupported Media Type

Ошибка 415 возникает, когда клиент пытается загрузить на сервер данные в неподходящем формате. В таком случае сервер просто отказывается принимать посылаемые файлы и разрывает соединение. Как и в случае с 413. 

416 Range Not Satisfiable

Подобный ответ можно ожидать, если клиент запрашивает у сервера определенные данные, но эти данные на сервере не соответствуют запросу. То есть, грубо говоря, вы просите у сервера какой-то набор данных с заранее заданным размером, а в итоге оказывается, что размер этих данных меньше, чем объем, указанный в запросе. Серверу ничего не остается, кроме как послать вас, ведь он не обучен поведению в таких ситуациях.

417 Expectation Failed

Такая ошибка высвечивается, когда ожидания сервера не совпадают с данными в запросе клиента. Сведения об ожиданиях прописываются в заголовке Expect заранее. Так что можно ознакомиться с ними, чтобы выяснить, как решить названную проблему.

418 I’m a teapot

Код 418 можно увидеть, если сервер откажется варить кофе, потому что он чайник. Это первоапрельская шутка. Естественно, 418 не используется нигде всерьез и просто существует как дань памяти программистам-юмористам, придумавшим это в 1998 году.

У Google получился такой симпатичный чайник

421 Misdirected Request

Появляется когда запрос клиента переправляется на сервер, который не может дать на него адекватный ответ. Например, если запрос был отправлен на ресурс, который вообще не настроен обрабатывать запросы извне. 

Чтобы исправить проблему, можно попробовать переподключиться к ресурсу заново или попробовать другое соединение.

422 Unprocessable Entity

Код 422 говорит, что сервер вроде бы принял запрос, понял его, все хорошо, но из-за семантических ошибок корректно обработать не смог. Значит, где-то в запросе затаилась логическая ошибка, мешающая корректному взаимодействию клиента и сервера. Надо ее найти и исправить.

423 Locked

Обычно на этот код напарываются, когда запрашиваемый ресурс оказывается под защитой. Используемые клиентом методы блокируются на уровне сервера. Это делается, чтобы обезопасить данные, хранящиеся на защищенной странице. Без логина и пароля выудить информацию с такого сервера не получится.

424 Failed Dependency

424 сообщает о том, что для выполнения запроса со стороны клиента успешно должна завершиться еще одна или несколько параллельных операций. Если какая-то из них «провалится», то «помрет» все соединение сразу, и обработать запрос до конца не получится. Аналогичное происходит, если некорректно был обработан один из предыдущих запросов.

425 Too Early

Появляется в ответ на запрос, который может быть моментально запущен заново. Сервер не рискует и не берется за его обработку, чтобы не подставиться под так называемую «атаку повторного воспроизведения».

426 Upgrade Required

Тут нам прямо сообщают, что сервер не желает с нами общаться, пока мы не перейдем на более современный протокол. Наткнуться на такую ошибку очень тяжело, но в случае появления, скорее всего, будет достаточно установить браузер посвежее.

428 Precondition Required

428 выскакивает, если пользователь отправляет запрос на сервер, но получает некорректные или неактуальные данные. Так ресурс оповещает о необходимости внести в запрос информацию о предварительных условиях обработки данных. Только так он сможет гарантировать получение клиентом нужной информации.

429 Too Many Requests

Здесь все просто. Ошибка появляется, когда клиент отправляет на сервер слишком много запросов в короткий промежуток времени. Очень похоже на поведение взломщиков. По этой причине запрос моментально блокируется. 

431 Request Header Fields Too Large

Из названия понятно, что ошибка с кодом 431 появляется из-за того, что в запросе клиента используются слишком длинные заголовки (неважно, один или несколько из них). Исправляется это с помощью сокращения заголовков и повторной отправки запроса. В теле ошибки обычно отображается краткая информация о том, как пользователь может решить эту проблему самостоятельно.

444 No Response

Этот код вам вряд ли удастся увидеть. Он отображается в лог-файлах, чтобы подтвердить, что сервер никак не отреагировал на запрос пользователя и прервал соединение. 

449 Retry With

Код используется в расширениях компании Microsoft. Он сигнализирует о том, что запрос от клиента не может быть принят сервером. Причиной становятся неверно указанные параметры. Сама 449 ошибка говорит о необходимости скорректировать запрос и повторить его снова, подготовив к работе с сервером.

450 Blocked by Windows Parental Controls

450 код увидят дети, попавшие под действие системы «Родительский контроль» компании Microsoft. По сути, ошибка говорит о том, что с компьютера попытались зайти на заблокированный ресурс. Избежать этой ошибки можно изменением параметров родительского контроля.

451 Unavailable For Legal Reasons

Этот код сообщает клиенту, что он не может попасть на запрашиваемый ресурс из юридических соображений. Скорее всего, доступ был заблокирован из-за каких-нибудь государственных санкций, нового законодательства или цензуры со стороны властей. В общем, все вопросы к государству и провайдеру связи.

Список ошибок на стороне сервера (5xx)

Теперь поговорим об ошибках, которые возникают где-то на сервере. Все они связаны с запросами, которые не удается обработать на том конце. Пользователь зачастую в их появлении не виноват.

500 Internal Server Error

Этот код возникает, когда сервер сталкивается с непредвиденными обстоятельствами. Такими, которые и сам не может пояснить. Как, собственно, и завершить запрос со стороны пользователя. По факту, эта ошибка говорит нам что-то вроде «Я не могу подобрать более подходящий код ошибки, поэтому лови 500 и делай с этим, что хочешь». Мы писали о нем чуть подробнее тут.

Дело не в тебе, дело во мне (С)

501 Not Implemented

501 говорит нам, что функциональность, необходимая для обработки запроса со стороны клиента, попросту не реализована на сервере. Он не сможет корректно обработать используемый метод. 

Иногда в теле ошибки еще пишут что-то в духе «Приходите попозже, возможно, в будущем нужная функция появится».

502 Bad Getaway

Можно встретить в том случае, если запрашиваемый сервер выступает в роли шлюза или прокси. Возникает из-за несогласования протоколов между вышестоящим серверов и его шлюзом. Рассказываем о том, как ее исправить, в этой статье. 

503 Service Unavailable

Появляется, когда сервер не может обработать запрос клиента по одной из двух технических причин:

1. Слишком много пользователей в текущий момент пытаются отправить запросы, и у сервера не остается ресурсов, чтобы ответить кому-либо еще.
2. На сервере ведутся технические работы, временно блокирующие его работу.

Обычно ошибка 503 носит временный характер, и для ее решения достаточно немного подождать. 

504 Gateway Timeout

Ошибка похожа на 408. Здесь же прокси-сервер пытается выйти на контакт с вышестоящим сервером, но не успевает это сделать до истечения тайм-аута. Отсюда и ошибка.

505 HTTP Version Not Supported

Этот код похож на 426. Он тоже связан с неподходящей версией протокола HTTP. В этом случае нужно обеспечить и клиента, и сервер единой версией. Она, как правило, указывается в запросе со стороны пользователя. 

506 Variant Also Negotiates

Обычно с такой ошибкой сталкиваются только в том случае, если сервер изначально настроен неправильно. То есть это не сиюминутная проблема, а что-то серьезное на уровне базовой конфигурации. Тут придется потрудиться разработчикам. Выявить проблему и разрешить ее.

507 Insufficient Storage

Код 507 встречается в тех ситуациях, когда серверу не хватает пространства в хранилище для обработки запроса со стороны клиента. Проблема решается освобождением места или расширением доступного пространства. Тогда сервер сможет без проблем обработать запрос пользователя.

508 Loop Detected

Таким кодом сервер отзовется в случае, если заметит бесконечный цикл в запросе клиента. Можно расценивать его как провал запроса и выполняемой операции в целом.

509 Bandwidth Limit Exceeded

Возникает, если сервер начинает потреблять больше трафика, чем ему позволено. 

510 Not Extended

Появляется, если клиент посылает запрос на использование какого-либо расширения, отсутствующего на сервере. Чтобы исправить проблему, надо убрать декларирование неподдерживаемого расширения из запроса или добавить поддержку на сервер.

511 Network Authentication Required

511 код говорит о том, что перед тем как выйти в сеть, надо авторизоваться (ввести логин и пароль). Можно воспринимать это неким PPPoE подключением, когда от клиента требуются данные для авторизации.

Заключение

Закончили. Это все ошибки, которыми отзывается HTTP, если на стороне сервера или клиента что-то пошло не так. Наткнуться на большую их часть довольно тяжело. Особенно, если вы раньше только серфили в интернете, а не занимались разработкой сайтов. А тем, кто входит в эту стезю, полезно знать основные ошибки, так как, скорее всего, придется не раз их исправлять. 

Last Edited January 25, 2018 by
Garenne Bigby in Blog

HTTP or Hypertext Transfer Protocol response status codes include status codes from internet standards, other IETF RFCs, IETF, and others. The first digit of the status code indicates one of the five classes of response. These classes must be recognized by an HTTP client. The Internet Assigned Numbers Authority (IANA) governs the official registry of HTTP status codes. Additional decimal sub-codes provide a little more specific information and direction. The following list details what each of the five classes mean as well as the specific decimal sub-codes under each class.

 
1xx

Codes under the 1xx coding specify a provisional response. These responses are comprised of optional headers and the status-line and is completed by an empty line. No required headers are needed for this class of status code. Servers are not allowed to send a 1xx response to an HTTP/1.0 client unless certain conditions exist. This is because HTTP/1.0 did not define any 1xx status codes. Keep in mind that a client must be prepared to accept one or more 1xx status responses before a regular response. This is even if the client does not expect a 100 (Continue) status message. However, unexpected 1xx status responses can be ignored by a user agent.

100 Continue

This code describes an incident where the server has received the request headers and the client can go ahead and now send the request. Sending a larger request body to a server after a request has already been rejected due to inappropriate headers is not proper. A client wanting to have a server verify the request’s headers needs to send “Expect: 100-continue” as a header in its first request and receive a 100 Continue status code in response before sending the body. A response of “417 Expectation Failed” is an indication that the request should be discontinued.

101 Switching Protocols

This status response indicates that the entity making the request has asked the server to change protocols and the server has acquiesce to the request.

102 Processing (WebDAV; RFC 2518)

This code indicates that a server has received a WebDAV request and is processing it. A WebDAV request can contain many sub-requests within it and can also require a long time to fulfill the application. This code can prevent the client from timing out presuming that the request was missing.

2xx

The class of codes under 2xx indicate that the server has received client’s request, understands said request, accepts it and has processed it successfully.

200 OK

A response of 200 OK is a standard response for any successful HTTP request. It depends on the type of request in terms of what response is issued. When it comes to a “GET request,” the response will have a unit that corresponds to the request. In a “POST” request, the response contains an entity describing the end result.

201 Created

This code indicates that a request has been fulfilled and has resulted in the creation of a new resource.

202 Accepted

A 202 Accepted code means that the request has been confirmed and accepted for processing; however, the procedure has not been completed. While it is processing, the request may or may not ultimately be acted upon or it may be forbidden when the processing occurs.

203 Non-Authoritative Information (since HTTP/1.1)

This response indicates that the server, as a transforming proxy or Web accelerator, has received a 200 OK from its origin but is returning a modified version of the origin’s response.

204 No Content

A 204 No Content status response means that the server has successfully received and processed the request and is not returning any substance.

205 Reset Content

This status response means that the server has processed the request but is not responding with content. However, even though a 204 response means a similar result, a 205 Reset Content response requires the requester reset the document view to continue.

206 Partial Content (RFC 7233)

A 206 Partial Content code tells that the server is returning only a partial answer, such as a byte serving, due to a range header requested. This range header is applied by clients to authorize resuming of intermittent downloads or split a download into various simultaneous streams.

207 Multi-Status (WebDAV; RFC 4918)

A 207 message indicates that the response that follows is an XML message. This message can include a number of discrete response codes. These responses can depend on the amount of sub-requests that were initiated by the client.

208 Already Reported (WebDAV; RFC 5842)

A 208 code indicates that those of a DAV agreement have formerly been counted and listed in an earlier reply to the request and aren’t being incorporated any more.

226 IM Used (RFC 3229)

A 226 IM Used response means that the server has fulfilled a request for the resource; however, the response is a demonstration of the result of at least one or more instance-manipulations assigned to the current instance.

3xx Redirection

Statuses under 3xx are codes that indicate that the client is required to take additional steps to complete a request. Many 3xx status codes are used in URL redirection. A user agent may carry out this additional action with absolutely no user interaction. However, this can only happen if the method used in this second request is GET or HEAD. In the alternative, a user agent may also automatically redirect a request. It is important, though, that the user agent detects and intervenes in order to prevent cyclical redirects.

300 Multiple Choices

A 300-multiple choice response indicates that multiple options for the resource from which the client may choose exist. These options can include agent-driven content negotiation. One example of this could be used to prevent multiple video format options by listing the files with different filename extensions.

301 Moved Permanently

A response of 301 Moved Permanently means that this and all future requests should be directed to the selected URL.

302 Found

A 302 response indicates that a HTTP/1.0 specification (RFC 1945) requires the client to perform a temporary redirect. This response is an example of industry practices contradicting the standard. Originally this response was described as “moved temporarily.” However, browsers implemented 302 as a response, and with the functionality of a 303. As a result, HTTP/1.1 added status codes 307 and 303 to differentiate between the two. Some Web applications continue to use the 302 status code, though, as if it were 303.

303 See Other (since HTTP/1.1)

A 303 response can be found using a GET method under another URI. When this is obtained in response to a PUT/DELETE or POST, the client should assume that the server has received the data and should expect a redirect with a separate GET message.

304 Not Modified (RFC 7232)

A 304 Not Modified response signifies that the resource has not been modified since the version indicated by the request headers “If-None-Match” or “If-Modified-Since” responses were given. In this situation, no need exists to retransmit the resource since the client still has a downloaded copy.

305 Use Proxy (since HTTP/1.1)

A 305 response means that the requested resource is only available through a proxy. The proxy is the address provided in the response. Mozilla and Internet Explorer are two HTTP clients who do not handle responses with this status code, for security reasons.

306 Switch Proxy

This status response is no longer in use. It initially indicated that subsequent requests should return to the specified proxy.

307 Temporary Redirect (since HTTP/1.1)

A request receiving a 307 response should be repeated with another URI. Future requests, though, should still use the original URI. In the past, requests resulting in a 302 response were not permitted to be changed when reissuing the primary request. One example of this is a POST request that should be repeated using a different POST request.

308 Permanent Redirect (RFC 7538)

A 308 response indicates that the current request and all forthcoming requests should be repeated using another URI. Responses under 307 and 308 parallel the actions of 301 and 302 responses. However these do not allow the HTTP method to change.

4xx Client Error

The 4xx class of status codes are meant for situations where the client has erred. The server should contain an entity encompassing some type of explanation of the error condition including both temporary and permanent conditions. These error codes are applicable to any request methods, and user agents should display them to any included entity to the user.

400 Bad Request

A 400 request means that the server can or will not process the request because of a client error. This error can be a malformed request syntax, deceptive request routing, invalid request message framing, or size that is too large.

401 Unauthorized (RFC 7235)

A 401 response is used for when authentication is required and has failed or has yet to be provided. This response should include a WWW-Authenticate header field which contains a challenge that is applicable to the entreated resource, such as a digit access authentication and basic access authentication. 401 means “unauthenticated,” meaning the user does not have the needed credentials. Some sites give a 401 when an IP address is otherwise banned from the website and that particular address is denied permission to access a certain site.

402 Payment Required

A 402 response is reserved for future use. This code was originally intended to be used as a form of digital cash or micropayment. However, currently this code is not used. Google Developers API use this status, however, if a particular developer has gone over the daily limit on requests.

403 Forbidden

A 403 Forbidden response means that the request was valid, but the server is declining to react to it. This can be for several reasons, one of them being the user might be logged in but not have the required permissions to access the resource.

404 Not Found

This response means that the bidden resource cannot be found but could be available in the future. It also means that subsequent requests by the client are allowed.

405 Method Not Allowed

A 405 Method Not Allowed means that a request method used was not supported for the requested resource. For example, a GET request on a form may require a PUT request on a read-only resource or data that needs to be presented via POST.

406 Not Acceptable

A 406 response means that the bidden resource is only capable of producing content that is not acceptable set by the Accept headers attached in the application.

407 Proxy Authentication Required (RFC 7235)

A 407 proxy authentication required response means that the client should first validate itself with the proxy.

408 Request Time-out

This type of response means that the server has timed out while waiting for the request. In accordance with the HTTP specifications: «The client did not produce a request within the time that the server was prepared to wait. The client MAY repeat the request without modifications at any later time.»[a]

409 Conflict

A 409 Conflict response means that due to a conflict in the request, it could not have be processed. This can include an edit conflict between various concurrent updates.

410 Gone

A 410 Gone response means that the resource that is being requested is no longer available nor will it be available again. A 410 Gone response should be received when the resource was intentionally removed or when the resource should be purged. The client should not request this resource in the future and search engines should eliminate the resource from their indices. However, most use cases do not require this absolute of a response and do not require search engines and clients to purge the resources, allowing a 404 Not Found response to be used instead.

411 Length Required

A 411 Length Required response indicates that the request did not state the length of content, which is needed by the requested resource.

412 Precondition Failed (RFC 7232)

This response indicates that the server does not meet one of the preconditions that is required of that request.

413 Payload Too Large (RFC 7231)

When a request is more than the server is capable of processing, a 413 Payload Too Large response will be given. This was originally called a “Request Entity Too Large” response.

414 URI Too Long (RFC 7231)

If a URI given was too long for the server to process, a 414 URI Too Long response is given. This response can often be the result of large amounts data being encoded as a query-string of a GET request. In this event, it should be converted to a POST request.

415 Unsupported Media Type

A 415 Unsupported Media Type means that the request entity has a media type which the server or resource does not support. If a client uploads an image in one format, but the server requires another format, a 415 Unsupported Media Type response may be given.

416 Range Not Satisfiable (RFC 7233)

A 416 Range Not Satisfiable response code indicates that the client has asked for a portion of the file, such as a byte serving, but the server cannot satisfy that request for that portion. Perhaps the request is for a part of the file that is beyond the end of the file. That request would result in a 416 response.

417 Expectation Failed

A 417 Expectation Failed response code will come when the server cannot meet the demands of the “Expect” request-header field.

418 I’m a teapot (RFC 2324)

The title of this code response seems a little tongue in cheek, and perhaps that could be because the code was defined in 1998 as one of the IETF April Fool’s Jokes in reference to RFC 2324 Hyper Text Coffee Pot Control Protocol. It was not expected to be employed by actual HTTP servers. The RFC states this code should be in response by teapots entreated to brew coffee. It is often used as an “Easter egg” in some sites, including Google.

421 Misdirected Request (RFC 7540)

A 421 Misdirected Request response means that the request given was directed at a server that is simply not able to produce a response.

422 Unprocessable Entity (WebDAV; RFC 4918)

A 422 Unprocessable Entity response is when a request was well-formed, but the server could not follow the request due to semantic errors within the request.

423 Locked (WebDAV; RFC 4918)

A 423 Locked response occurs when the resource being sort is locked.

424 Failed Dependency (WebDAV; RFC 4918)

This response occurs when the request being made fails due to the failure of an earlier request.

426 Upgrade Required

A 426 Upgrade Required response is a result of a client needing to switch to a different protocol before a request can be completed. This switch could be to a TLS/1.0 provided in the Upgrade header field.

428 Precondition Required (RFC 6585)

This response is the request of a request being made through the origin server that requires the request to be conditional. This response is intended to stop the “lost update” problem often given when a client GETs a resource’s state, and PUTs it to the server after changing it while, at the same time, another party has modified the state on the server, resulting in a conflict between the two.

429 Too Many Requests (RFC 6585)

When a user has sent an excessive amount of requests in a specified timeframe, they will receive a 429 “To Many Requests” response. This response is intended for use with rate-limiting schemes.

431 Request Header Fields Too Large (RFC 6585)

A server that is reluctant to process a request because all of the header fields collectively or the individual header field are too large will result in this 431 response.

451 Unavailable For Legal Reasons

When a server operator has gotten a legal request to a set of resources that include the requested resource or to deny access to a resource, a code 451 response will be given. The specific number 451 is in reference to the novel Fahrenheit 451.

5xx Server Error

The 5xx class of codes are responses to requests that servers fail to fulfill. These response status codes indicate cases where the server is sent a response, it is aware it is incapable of performing the request or has encountered an error. These response codes are applicable in any type of request method. The server should include some type of entity containing an explanation of what the error situation involves and indicate whether this error is a temporary or permanent one. User agents should also display any included entity to the user.

500 Internal Server Error

A 500 Internal Server Error response is essentially a generic error message. You see these messages when an unexpected condition is encountered and no other 500 message is applicable.

501 Not Implemented

A 501 response occurs when the server does not have the ability to fulfill the request or the server does not recognize the method through which the request is sent. This type of response does imply that it could be available in the future.

502 Bad Gateway

A 502 Bad Gateway response is given in situations where a server was acting as a proxy or gateway and received an invalid reply from the upstream server.

503 Service Unavailable

In this type of response, the server is unavailable due to it being overloaded or down for maintenance. A 503 Service Unavailable response is a temporary error response.

504 Gateway Time-out

A 504 Gateway Time-out response comes when a server was acting as a gateway or proxy and it did not receive a timely response from the upstream server, thereby “timing out” the request.

505 HTTP Version Not Supported

This response comes when a server does not support the HTTP protocol version used in a demand.

506 Variant Also Negotiates (RFC 2295)

A 506 response comes when transparent content negotiation for a specific request results in circular references.

507 Insufficient Storage (WebDAV; RFC 4918)

When a server is incapable of storing the representation that is needed to complete a request, a 507 Insufficient Storage response results.

508 Loop Detected (WebDAV; RFC 5842)

In these situations, a 508 Loop Detected response indicates that the server has detected an immeasurable loop while handling the request. This response is sent in lieu of a 208 Already Reported response.

510 Not Extended (RFC 2774)

A 510 error response occurs when further extensions to the request are needed in order for the server to fully fulfill the request.

511 Network Authentication Required (RFC 6585)

In 511 error response, the client needs to authenticate in order to gain network access. This type of error was created as a means to intercept proxies used to control access to the network. One example of this is “captive portals” that is used to require agreement to the Terms of Service before allowing full Internet access by means of a Wi-Fi hotspot connection.

Unofficial codes

Not all codes are specified by a specific RFC but are still utilized by third-party services to provide RESTful or semantic error responses. Below are the most commonly-used “unofficial codes” utilized.

103 Checkpoint

A 103 Checkpoint response is used in the resumable requests application to resume aborted POST or PUT requests.

420 Method Failure (Spring Framework)

A 420 Method Failure response comes from the Spring Framework when a process has failed.

419 I’m a Fox (Smoothwall/Foxwall)

This response is returned through versions of Foxwall or Smoothwall firewall systems in response to when a configuration test is returned.

420 Enhance Your Calm (Twitter)

Twitter Version 1 issued a 420 Enhance Your Calm error response when the client was being rate-limited. However, Versions 1.1 and later versions used the 429 Too Many Requests response code as an alternative.

450 Blocked by Windows Parental Controls (Microsoft)

The 450 Block by Windows Parental Control response is a Microsoft-specific extension. It is an error given when the Windows Parental Controls are activated and are responding by blocking access to a certain site that does not qualify through the parameters set through the controls.

498 Invalid Token (Esri)

A 498 Invalid Token response is returned by ArcGIS for Server. This code indicates an invalid or expired token.

499 Token Required (Esri)

Another error returned by ArcGIS for Server, 499 indicates that token is required and still needs to be submitted to proceed.

499 Antivirus has Forbidden a Request

A 499 error is produced when a malicious site is intercepted and the request cannot go through.

509 Bandwidth Limit is Exceeded (Apache Web Server/cPanel)

In situations where a server has gone over the bandwidth quantified by a server administrator, users will receive a 509 Bandwidth Limit Exceeded error. This response is used by shared hosting providers to keep a limit on customer bandwidth.

530 Site is frozen

A 530 Site is frozen is an error employed by Pantheon in order to point out that a website has been frozen because of inactivity.

440 Login Timeout

When a client’s session has expired, a 440 Login Timeout response will appear, instructing the user to log in again to proceed with his request.

449 Retry With

A 449 error appears when the server cannot honor a request because the user has not given all of the needed information in order to fulfill a request.

451 Redirect

A 451 Redirect error is used in Exchange ActiveSync when the server cannot access the user’s mailbox or a more efficient server is available to complete a request. The error instructs the client to re-run the HTTP AutoDiscover operation to find a more valid server to proceed.

Nginx

The nginx web server software expands the 4xx error response space in an effort to signal issues with the client’s specific request. These errors are used solely for logging purpose, and no definite response is sent with these codes.

444 No Response

A 444 No Response error indicates that the server has closed the connection with no returned information from a client request.

495 SSL Certificate Error

A 495 SSL Certificate Error is an expansion of the 400 Bad Request error response code and is used when the client has given an invalid client certificate when making a request.

496 SSL Certificate Required

A 496 SSL Certificate Required error response is an additional expansion of the 400 Bad Request response code. This response is used when a client certificate is required to complete a request but is not provided.

497 HTTP Request Sent to HTTPS Port

Again, another expansion of the 400 Bad Request error response code, a 497 HTTP Request Sent to HTTPS Port is used when a client has made an HTTP request to a port that is listening for HTTPS requests specifically.

499 Client Closed Request

A 499 Client Closed Request is used when the client has closed the request before the server could complete the task and send a response.

Cloudflare

Cloudflare’s reverse proxy service is an expansion of the 5xx error space used to specify issues with the origin server.

520 Unknown Error

A 520 Unknown Error code is used as a “catch-all response” in the event that the origin server yields something unexpected. This could include listing large headers, connection resets or invalid or empty responses.

521 Web Server Is Down

When the origin server has rejected the connection from Cloudflare, a 521 Web Server is Down error response will be given.

522 Connection Timed Out

A 522 Connection Timed Out response is issued when Cloudflare could not assign a TCP handshake with the server of origin.

523 Origin Is Unreachable

When Cloudflare cannot reach the origin server, a 523 Origin is Unreachable error response is given. For example, if the DNS files for the origin server are incorrect, a 523 error will be given.

524 A Timeout Occurred

If Cloudflare is able to justify a TCP connection to the origin server but did not obtain a timely HTTP response, users will see a 524 A Timeout Occurred error response.

525 SSL Handshake Failed

A 525 SSL Handshake Failed error occurs when Cloudflare could not transfer a TLS/ SSL handshake with the server of origin.

526 Invalid SSL Certificate

When Cloudflare cannot authenticate the SSL/TLS certificate that has been presented by the origin server, a 526 error will result.

527 Railgun Error

When requests time out or fail after the WAN connection has been recognized, a 527 Railgun Error response will result.

[a]From this link: https://en.wikipedia.org/wiki/List_of_HTTP_status_codes

Back

Standard HTTP Errors list

Redirection errors (3xx)

300 Multiple Choices — indicates multiple options for the resource that the client may follow.

301 Moved Permanently — This and all future requests should be directed to the given URL

302 Found — required the client to perform a temporary redirect (the original describing phrase was «Moved Temporarily»)

303 See Other — The response to the request can be found under another URL using a GET method.

304 Not Modified — Indicates that the resource has not been modified since the version specified by the request headers If-Modified-Since or If-Match

306 Switch Proxy — No longer used.Originally meant «Subsequent requests should use the specified proxy.»

307 Temporary Redirect (since HTTP/1.1) — In this case, the request should be repeated with another URL; however, future requests should still use the original URL.

308 Permanent Redirect — the request, and all future requests should be repeated using another URL.

Client errors (4xx)

400 Bad Request — the request cannot be fulfilled due to bad syntax.

401 Unauthorized — similar to 403 Forbidden, but specifically for use when authentication is required and has failed or has not yet been provided.

402 Payment Required — reserved for future use.

403 Forbidden — the request was a valid request, but the server is refusing to respond to it.

404 Not Found — the requested resource could not be found but may be available again in the future.

405 Method Not Allowed — a request was made of a resource using a request method not supported by that resource

406 Not Acceptable — the requested resource is only capable of generating content not acceptable according to the Accept headers sent in the request.

407 Proxy Authentication Required — the client must first authenticate itself with the proxy.

408 Request Timeout — the server timed out waiting for the request.

409 Conflict — indicates that the request could not be processed because of conflict in the request, such as an edit conflict in the case of multiple updates.

410 Gone — indicates that the resource requested is no longer available and will not be available again.

411 Length Required — the request did not specify the length of its content, which is required by the requested resource.

412 Precondition Failed — the server does not meet one of the preconditions that the requester put on the request.

413 Request Entity Too Large — the request is larger than the server is willing or able to process.

414 Request-URI Too Long — the URI provided was too long for the server to process.

415 Unsupported Media Type — the request entity has a media type which the server or resource does not support.

416 Requested Range Not Satisfiable — the client has asked for a portion of the file, but the server cannot supply that portion.

417 Expectation Failed — the server cannot meet the requirements of the Expect request-header field.

418 I’m a teapot — this code was defined in 1998 as one of the traditional IETF April Fools’ jokes, in RFC 2324, Hyper Text Coffee Pot Control Protocol, and is not expected to be implemented by actual HTTP servers.

419 Authentication Timeout — not a part of the HTTP standard, 419 Authentication Timeout denotes that previously valid authentication has expired.

420 Method Failure — not part of the HTTP standard, but defined by Spring in the HttpStatus class to be used when a method failed.

420 Enhance Your Calm — not part of the HTTP standard, but returned by version 1 of the Twitter Search and Trends API when the client is being rate limited.

422 Unprocessable Entity — the request was well-formed but was unable to be followed due to semantic errors.

423 Locked — еhe resource that is being accessed is locked.

424 Failed Dependency — еhe request failed due to failure of a previous request.

425 Unordered Collection — defined in drafts of «WebDAV Advanced Collections Protocol», but not present in «Web Distributed Authoring and Versioning (WebDAV) Ordered Collections Protocol».

426 Upgrade Required — the client should switch to a different protocol such as TLS/1.0.

428 Precondition Required — the origin server requires the request to be conditional.

429 Too Many Requests — the user has sent too many requests in a given amount of time.

431 Request Header Fields Too Large — the server is unwilling to process the request because either an individual header field, or all the header fields collectively, are too large.

440 Login Timeout — a Microsoft extension. Indicates that your session has expired.

444 No Response — used in Nginx logs to indicate that the server has returned no information to the client and closed the connection.

449 Retry With — a Microsoft extension. The request should be retried after performing the appropriate action.

450 Blocked by Windows Parental Controls — a Microsoft extension. This error is given when Windows Parental Controls are turned on and are blocking access to the given webpage.

451 Unavailable For Legal Reasons — defined in the internet draft «A New HTTP Status Code for Legally-restricted Resources».

451 Redirect — used in Exchange ActiveSync if there either is a more efficient server to use or the server cannot access the users’ mailbox.

494 Request Header Too Large — Nginx internal code similar to 431 but it was introduced earlier.

495 Cert Error — Nginx internal code used when SSL client certificate error occurred to distinguish it from 4XX in a log and an error page redirection.

496 No Cert — Nginx internal code used when client didn’t provide certificate to distinguish it from 4XX in a log and an error page redirection.

497 HTTP to HTTPS — Nginx internal code used for the plain HTTP requests that are sent to HTTPS port to distinguish it from 4XX in a log and an error page redirection.

499 Client Closed Request — used in Nginx logs to indicate when the connection has been closed by client while the server is still processing its request, making server unable to send a status code back.

Server Errors (5xx)

500 Internal Server Error — a generic error message, given when an unexpected condition was encountered and no more specific message is suitable.

501 Not Implemented — the server either does not recognize the request method, or it lacks the ability to fulfill the request.

502 Bad Gateway — the server was acting as a gateway or proxy and received an invalid response from the upstream server.

503 Service Unavailable — the server is currently unavailable (because it is overloaded or down for maintenance).

504 Gateway Timeout — the server was acting as a gateway or proxy and did not receive a timely response from the upstream server.

505 HTTP Version Not Supported — the server does not support the HTTP protocol version used in the request.

506 Variant Also Negotiates — transparent content negotiation for the request results in a circular reference.

507 Insufficient Storage — the server is unable to store the representation needed to complete the request.

508 Loop Detected — the server detected an infinite loop while processing the request.

509 Bandwidth Limit Exceeded — this status code is not specified in any RFCs. Its use is unknown.

510 Not Extended — further extensions to the request are required for the server to fulfill it.

511 Network Authentication Required — the client needs to authenticate to gain network access.

520 Origin Error — this status code is not specified in any RFCs, but is used by Cloudflare’s reverse proxies to signal an «unknown connection issue between CloudFlare and the origin web server» to a client in front of the proxy.

521 Web server is down — this status code is not specified in any RFCs, but is used by Cloudflare’s reverse proxies to indicate that the origin web server refused the connection.

522 Connection timed out — this status code is not specified in any RFCs, but is used by Cloudflare’s reverse proxies to signal that a server connection timed out.

523 Proxy Declined Request — this status code is not specified in any RFCs, but is used by Cloudflare’s reverse proxies to signal a resource that has been blocked by the administrator of the website or proxy itself.

524 A timeout occurred — this status code is not specified in any RFCs, but is used by Cloudflare’s reverse proxies to signal a network read timeout behind the proxy to a client in front of the proxy.

598 Network read timeout error — this status code is not specified in any RFCs, but is used by Microsoft HTTP proxies to signal a network read timeout behind the proxy to a client in front of the proxy.

599 Network connect timeout error — this status code is not specified in any RFCs, but is used by Microsoft HTTP proxies to signal a network connect timeout behind the proxy to a client in front of the proxy.

Posted in: Troubleshooting

REST APIs use the Status-Line part of an HTTP response message to inform clients of their request’s overarching result. RFC 2616 defines the Status-Line syntax as shown below:

Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF

HTTP defines these standard status codes that can be used to convey the results of a client’s request. The status codes are divided into five categories.

• 1xx: Informational – Communicates transfer protocol-level information.
• 2xx: Success – Indicates that the client’s request was accepted successfully.
• 3xx: Redirection – Indicates that the client must take some additional action in order to complete their request.
• 4xx: Client Error – This category of error status codes points the finger at clients.
• 5xx: Server Error – The server takes responsibility for these error status codes.

1xx Status Codes [Informational]

Status Code	Description
100 Continue	An interim response. Indicates to the client that the initial part of the request has been received and has not yet been rejected by the server. The client SHOULD continue by sending the remainder of the request or, if the request has already been completed, ignore this response. The server MUST send a final response after the request has been completed.
101 Switching Protocol	Sent in response to an Upgrade request header from the client, and indicates the protocol the server is switching to.
102 Processing (WebDAV)	Indicates that the server has received and is processing the request, but no response is available yet.
103 Early Hints	Primarily intended to be used with the Link header. It suggests the user agent start preloading the resources while the server prepares a final response.

2xx Status Codes [Success]

Status Code	Description
200 OK	Indicates that the request has succeeded.
201 Created	Indicates that the request has succeeded and a new resource has been created as a result.
202 Accepted	Indicates that the request has been received but not completed yet. It is typically used in log running requests and batch processing.
203 Non-Authoritative Information	Indicates that the returned metainformation in the entity-header is not the definitive set as available from the origin server, but is gathered from a local or a third-party copy. The set presented MAY be a subset or superset of the original version.
204 No Content	The server has fulfilled the request but does not need to return a response body. The server may return the updated meta information.
205 Reset Content	Indicates the client to reset the document which sent this request.
206 Partial Content	It is used when the Range header is sent from the client to request only part of a resource.
207 Multi-Status (WebDAV)	An indicator to a client that multiple operations happened, and that the status for each operation can be found in the body of the response.
208 Already Reported (WebDAV)	Allows a client to tell the server that the same resource (with the same binding) was mentioned earlier. It never appears as a true HTTP response code in the status line, and only appears in bodies.
226 IM Used	The server has fulfilled a GET request for the resource, and the response is a representation of the result of one or more instance-manipulations applied to the current instance.

3xx Status Codes [Redirection]

Status Code	Description
300 Multiple Choices	The request has more than one possible response. The user-agent or user should choose one of them.
301 Moved Permanently	The URL of the requested resource has been changed permanently. The new URL is given by the Location header field in the response. This response is cacheable unless indicated otherwise.
302 Found	The URL of the requested resource has been changed temporarily. The new URL is given by the Location field in the response. This response is only cacheable if indicated by a Cache-Control or Expires header field.
303 See Other	The response can be found under a different URI and SHOULD be retrieved using a GET method on that resource.
304 Not Modified	Indicates the client that the response has not been modified, so the client can continue to use the same cached version of the response.
305 Use Proxy (Deprecated)	Indicates that a requested response must be accessed by a proxy.
306 (Unused)	It is a reserved status code and is not used anymore.
307 Temporary Redirect	Indicates the client to get the requested resource at another URI with same method that was used in the prior request. It is similar to 302 Found with one exception that the same HTTP method will be used that was used in the prior request.
308 Permanent Redirect (experimental)	Indicates that the resource is now permanently located at another URI, specified by the Location header. It is similar to 301 Moved Permanently with one exception that the same HTTP method will be used that was used in the prior request.

4xx Status Codes (Client Error)

Status Code	Description
400 Bad Request	The request could not be understood by the server due to incorrect syntax. The client SHOULD NOT repeat the request without modifications.
401 Unauthorized	Indicates that the request requires user authentication information. The client MAY repeat the request with a suitable Authorization header field
402 Payment Required (Experimental)	Reserved for future use. It is aimed for using in the digital payment systems.
403 Forbidden	Unauthorized request. The client does not have access rights to the content. Unlike 401, the client’s identity is known to the server.
404 Not Found	The server can not find the requested resource.
405 Method Not Allowed	The request HTTP method is known by the server but has been disabled and cannot be used for that resource.
406 Not Acceptable	The server doesn’t find any content that conforms to the criteria given by the user agent in the Accept header sent in the request.
407 Proxy Authentication Required	Indicates that the client must first authenticate itself with the proxy.
408 Request Timeout	Indicates that the server did not receive a complete request from the client within the server’s allotted timeout period.
409 Conflict	The request could not be completed due to a conflict with the current state of the resource.
410 Gone	The requested resource is no longer available at the server.
411 Length Required	The server refuses to accept the request without a defined Content- Length. The client MAY repeat the request if it adds a valid Content-Length header field.
412 Precondition Failed	The client has indicated preconditions in its headers which the server does not meet.
413 Request Entity Too Large	Request entity is larger than limits defined by server.
414 Request-URI Too Long	The URI requested by the client is longer than the server can interpret.
415 Unsupported Media Type	The media-type in Content-type of the request is not supported by the server.
416 Requested Range Not Satisfiable	The range specified by the Range header field in the request can’t be fulfilled.
417 Expectation Failed	The expectation indicated by the Expect request header field can’t be met by the server.
418 I’m a teapot (RFC 2324)	It was defined as April’s lool joke and is not expected to be implemented by actual HTTP servers. (RFC 2324)
420 Enhance Your Calm (Twitter)	Returned by the Twitter Search and Trends API when the client is being rate limited.
422 Unprocessable Entity (WebDAV)	The server understands the content type and syntax of the request entity, but still server is unable to process the request for some reason.
423 Locked (WebDAV)	The resource that is being accessed is locked.
424 Failed Dependency (WebDAV)	The request failed due to failure of a previous request.
425 Too Early (WebDAV)	Indicates that the server is unwilling to risk processing a request that might be replayed.
426 Upgrade Required	The server refuses to perform the request. The server will process the request after the client upgrades to a different protocol.
428 Precondition Required	The origin server requires the request to be conditional.
429 Too Many Requests	The user has sent too many requests in a given amount of time (“rate limiting”).
431 Request Header Fields Too Large	The server is unwilling to process the request because its header fields are too large.
444 No Response (Nginx)	The Nginx server returns no information to the client and closes the connection.
449 Retry With (Microsoft)	The request should be retried after performing the appropriate action.
450 Blocked by Windows Parental Controls (Microsoft)	Windows Parental Controls are turned on and are blocking access to the given webpage.
451 Unavailable For Legal Reasons	The user-agent requested a resource that cannot legally be provided.
499 Client Closed Request (Nginx)	The connection is closed by the client while HTTP server is processing its request, making the server unable to send the HTTP header back.

5xx Status Codes (Server Error)

Status Code	Description
500 Internal Server Error	The server encountered an unexpected condition that prevented it from fulfilling the request.
501 Not Implemented	The HTTP method is not supported by the server and cannot be handled.
502 Bad Gateway	The server got an invalid response while working as a gateway to get the response needed to handle the request.
503 Service Unavailable	The server is not ready to handle the request.
504 Gateway Timeout	The server is acting as a gateway and cannot get a response in time for a request.
505 HTTP Version Not Supported (Experimental)	The HTTP version used in the request is not supported by the server.
506 Variant Also Negotiates (Experimental)	Indicates that the server has an internal configuration error: the chosen variant resource is configured to engage in transparent content negotiation itself, and is therefore not a proper endpoint in the negotiation process.
507 Insufficient Storage (WebDAV)	The method could not be performed on the resource because the server is unable to store the representation needed to successfully complete the request.
508 Loop Detected (WebDAV)	The server detected an infinite loop while processing the request.
510 Not Extended	Further extensions to the request are required for the server to fulfill it.
511 Network Authentication Required	Indicates that the client needs to authenticate to gain network access.

6. REST Specific HTTP Status Codes

200 (OK)

It indicates that the REST API successfully carried out whatever action the client requested and that no more specific code in the 2xx series is appropriate.

Unlike the 204 status code, a 200 response should include a response body. The information returned with the response is dependent on the method used in the request, for example:

• GET an entity corresponding to the requested resource is sent in the response;
• HEAD the entity-header fields corresponding to the requested resource are sent in the response without any message-body;
• POST an entity describing or containing the result of the action;
• TRACE an entity containing the request message as received by the end server.

201 (Created)

A REST API responds with the 201 status code whenever a resource is created inside a collection. There may also be times when a new resource is created as a result of some controller action, in which case 201 would also be an appropriate response.

The newly created resource can be referenced by the URI(s) returned in the entity of the response, with the most specific URI for the resource given by a Location header field.

The origin server MUST create the resource before returning the 201 status code. If the action cannot be carried out immediately, the server SHOULD respond with a 202 (Accepted) response instead.

202 (Accepted)

A 202 response is typically used for actions that take a long while to process. It indicates that the request has been accepted for processing, but the processing has not been completed. The request might or might not be eventually acted upon, or even maybe disallowed when processing occurs.

Its purpose is to allow a server to accept a request for some other process (perhaps a batch-oriented process that is only run once per day) without requiring that the user agent’s connection to the server persist until the process is completed.

The entity returned with this response SHOULD include an indication of the request’s current status and either a pointer to a status monitor (job queue location) or some estimate of when the user can expect the request to be fulfilled.

204 (No Content)

The 204 status code is usually sent out in response to a PUT, POST, or DELETE request when the REST API declines to send back any status message or representation in the response message’s body.

An API may also send 204 in conjunction with a GET request to indicate that the requested resource exists, but has no state representation to include in the body.

If the client is a user agent, it SHOULD NOT change its document view from that which caused the request to be sent. This response is primarily intended to allow input for actions to take place without causing a change to the user agent’s active document view. However, any new or updated metainformation SHOULD be applied to the document currently in the user agent’s dynamic view.

The 204 response MUST NOT include a message-body and thus is always terminated by the first empty line after the header fields.

301 (Moved Permanently)

The 301 status code indicates that the REST API’s resource model has been significantly redesigned, and a new permanent URI has been assigned to the client’s requested resource. The REST API should specify the new URI in the response’s Location header, and all future requests should be directed to the given URI.

You will hardly use this response code in your API as you can always use the API versioning for the new API while retaining the old one.

302 (Found)

The HTTP response status code 302 Found is a common way of performing URL redirection. An HTTP response with this status code will additionally provide a URL in the Location header field. The user agent (e.g., a web browser) is invited by a response with this code to make a second. Otherwise identical, request to the new URL specified in the location field.

Many web browsers implemented this code in a manner that violated this standard, changing the request type of the new request to GET, regardless of the type employed in the original request (e.g., POST). RFC 1945 and RFC 2068 specify that the client is not allowed to change the method on the redirected request. The status codes 303 and 307 have been added for servers that wish to make unambiguously clear which kind of reaction is expected of the client.

303 (See Other)

A 303 response indicates that a controller resource has finished its work, but instead of sending a potentially unwanted response body, it sends the client the URI of a response resource. The response can be the URI of the temporary status message, or the URI to some already existing, more permanent, resource.

Generally speaking, the 303 status code allows a REST API to send a reference to a resource without forcing the client to download its state. Instead, the client may send a GET request to the value of the Location header.

The 303 response MUST NOT be cached, but the response to the second (redirected) request might be cacheable.

304 (Not Modified)

This status code is similar to 204 (“No Content”) in that the response body must be empty. The critical distinction is that 204 is used when there is nothing to send in the body, whereas 304 is used when the resource has not been modified since the version specified by the request headers If-Modified-Since or If-None-Match.

In such a case, there is no need to retransmit the resource since the client still has a previously-downloaded copy.

Using this saves bandwidth and reprocessing on both the server and client, as only the header data must be sent and received in comparison to the entirety of the page being re-processed by the server, then sent again using more bandwidth of the server and client.

307 (Temporary Redirect)

A 307 response indicates that the REST API is not going to process the client’s request. Instead, the client should resubmit the request to the URI specified by the response message’s Location header. However, future requests should still use the original URI.

A REST API can use this status code to assign a temporary URI to the client’s requested resource. For example, a 307 response can be used to shift a client request over to another host.

The temporary URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s). If the 307 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued.

400 (Bad Request)

400 is the generic client-side error status, used when no other 4xx error code is appropriate. Errors can be like malformed request syntax, invalid request message parameters, or deceptive request routing etc.

The client SHOULD NOT repeat the request without modifications.

401 (Unauthorized)

A 401 error response indicates that the client tried to operate on a protected resource without providing the proper authorization. It may have provided the wrong credentials or none at all. The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource.

The client MAY repeat the request with a suitable Authorization header field. If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity might include relevant diagnostic information.

403 (Forbidden)

A 403 error response indicates that the client’s request is formed correctly, but the REST API refuses to honor it, i.e., the user does not have the necessary permissions for the resource. A 403 response is not a case of insufficient client credentials; that would be 401 (“Unauthorized”).

Authentication will not help, and the request SHOULD NOT be repeated. Unlike a 401 Unauthorized response, authenticating will make no difference.

404 (Not Found)

The 404 error status code indicates that the REST API can’t map the client’s URI to a resource but may be available in the future. Subsequent requests by the client are permissible.

No indication is given of whether the condition is temporary or permanent. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.

405 (Method Not Allowed)

The API responds with a 405 error to indicate that the client tried to use an HTTP method that the resource does not allow. For instance, a read-only resource could support only GET and HEAD, while a controller resource might allow GET and POST, but not PUT or DELETE.

A 405 response must include the Allow header, which lists the HTTP methods that the resource supports. For example:

Allow: GET, POST

406 (Not Acceptable)

The 406 error response indicates that the API is not able to generate any of the client’s preferred media types, as indicated by the Accept request header. For example, a client request for data formatted as application/xml will receive a 406 response if the API is only willing to format data as application/json.

If the response could be unacceptable, a user agent SHOULD temporarily stop receipt of more data and query the user for a decision on further actions.

412 (Precondition Failed)

The 412 error response indicates that the client specified one or more preconditions in its request headers, effectively telling the REST API to carry out its request only if certain conditions were met. A 412 response indicates that those conditions were not met, so instead of carrying out the request, the API sends this status code.

415 (Unsupported Media Type)

The 415 error response indicates that the API is not able to process the client’s supplied media type, as indicated by the Content-Type request header. For example, a client request including data formatted as application/xml will receive a 415 response if the API is only willing to process data formatted as application/json.

For example, the client uploads an image as image/svg+xml, but the server requires that images use a different format.

500 (Internal Server Error)

500 is the generic REST API error response. Most web frameworks automatically respond with this response status code whenever they execute some request handler code that raises an exception.

A 500 error is never the client’s fault, and therefore, it is reasonable for the client to retry the same request that triggered this response and hope to get a different response.

The API response is the generic error message, given when an unexpected condition was encountered and no more specific message is suitable.

501 (Not Implemented)

The server either does not recognize the request method, or it cannot fulfill the request. Usually, this implies future availability (e.g., a new feature of a web-service API).

References :

https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml