HTTP Status Codes
Introduction to HTTP Status Codes
When a browser requests a service from a web server, the server always returns an HTTP status code along with the response. These three-digit codes indicate whether a request was successful, redirected, or resulted in an error. While often called "HTML error messages," they're technically HTTP status messages that provide crucial information about the request's outcome.
Here's a complete reference table of all standard HTTP status codes, organized by their classification.
Complete HTTP Status Codes Table
1xx: Informational Responses
These codes indicate that the request was received and understood, and the process is continuing.
| Code | Status Message | Description | Common Use Cases |
|---|---|---|---|
| 100 | Continue | The server has received the request headers, and the client should proceed to send the request body | Large file uploads, API requests with headers first |
| 101 | Switching Protocols | The requester has asked the server to switch protocols | WebSocket upgrades, HTTP/2 upgrades |
| 102 | Processing | The server has received and is processing the request, but no response is available yet | Long-running operations (WebDAV) |
| 103 | Early Hints | Used with the Link header to allow preloading resources while the server prepares a response | Performance optimization, resource hints |
2xx: Success Responses
These codes indicate that the request was successfully received, understood, and accepted.
| Code | Status Message | Description | Common Use Cases |
|---|---|---|---|
| 200 | OK | The request succeeded (standard response for successful requests) | Successful GET requests, standard page loads |
| 201 | Created | The request succeeded and a new resource was created | Successful POST requests creating resources |
| 202 | Accepted | The request was accepted for processing, but processing is not complete | Asynchronous processing, background jobs |
| 203 | Non-Authoritative Information | The request was successful but the response is from a modified source | Proxy modifications, cached responses |
| 204 | No Content | The server successfully processed the request but returns no content | DELETE requests, form submissions without page refresh |
| 205 | Reset Content | The server processed the request and requires the client to reset the document view | Form resets after submission |
| 206 | Partial Content | The server is delivering only part of the resource due to a range header | Video streaming, large file downloads |
| 207 | Multi-Status | Multiple status codes for different parts of a request (WebDAV) | Batch operations, multiple resource updates |
| 208 | Already Reported | Members of a DAV binding have already been enumerated | WebDAV collections |
| 226 | IM Used | The server has fulfilled a GET request for the resource | Delta encoding in HTTP |
3xx: Redirection Responses
These codes indicate that further action needs to be taken by the client to complete the request.
| Code | Status Message | Description | Common Use Cases |
|---|---|---|---|
| 300 | Multiple Choices | Multiple options for the resource from which the client may choose | Content negotiation, multiple formats |
| 301 | Moved Permanently | The requested resource has been permanently moved to a new URL | Permanent URL changes, domain migrations |
| 302 | Found | The requested resource resides temporarily under a different URI | Temporary redirects, maintenance pages |
| 303 | See Other | The response can be found under a different URI using a GET method | Redirect after POST (POST-Redirect-GET pattern) |
| 304 | Not Modified | The resource has not been modified since the last request | Browser caching, conditional GET requests |
| 305 | Use Proxy | The requested resource is available only through a proxy | Proxy requirement (deprecated) |
| 306 | Switch Proxy | No longer used (was “Switch Proxy”) | Deprecated |
| 307 | Temporary Redirect | The request should be repeated with another URI, but future requests should still use the original URI | Temporary redirects preserving method |
| 308 | Permanent Redirect | The resource is permanently moved to another URI | Permanent redirects preserving method |
4xx: Client Error Responses
These codes indicate that the client seems to have made an error in the request.
| Code | Status Message | Description | Common Use Cases |
|---|---|---|---|
| 400 | Bad Request | The server cannot process the request due to client error (malformed syntax) | Invalid JSON, missing required fields |
| 401 | Unauthorized | Authentication is required and has failed or not been provided | Missing/invalid credentials, login required |
| 402 | Payment Required | Reserved for future use (originally for digital payment systems) | Currently unused, sometimes in APIs for payment |
| 403 | Forbidden | The server understood the request but refuses to authorize it | Insufficient permissions, IP blocking |
| 404 | Not Found | The server cannot find the requested resource | Broken links, deleted pages |
| 405 | Method Not Allowed | The request method is not supported for the requested resource | POST to read-only endpoint, PUT on non-updatable resource |
| 406 | Not Acceptable | The server cannot generate a response matching the list of acceptable values | Unsupported content-type in Accept header |
| 407 | Proxy Authentication Required | The client must first authenticate itself with the proxy | Proxy server authentication |
| 408 | Request Timeout | The server timed out waiting for the request | Slow client connections, network issues |
| 409 | Conflict | The request could not be completed due to a conflict with the current state | Version conflicts, duplicate entries |
| 410 | Gone | The requested resource is no longer available and will not be available again | Deleted content with no replacement |
| 411 | Length Required | The server refuses to accept the request without a defined Content-Length | Missing Content-Length header |
| 412 | Precondition Failed | One or more conditions given in the request header fields evaluated to false | Failed If-Match, If-None-Match conditions |
| 413 | Payload Too Large | The server will not process the request because the payload is too large | File uploads exceeding size limit |
| 414 | URI Too Long | The server will not process the request because the URI is too long | Excessive query parameters |
| 415 | Unsupported Media Type | The server refuses to accept the request because the payload format is unsupported | Wrong Content-Type, invalid file format |
| 416 | Range Not Satisfiable | The server cannot supply the requested portion of the file | Invalid byte range in Range header |
| 417 | Expectation Failed | The server cannot meet the requirements of the Expect request-header field | Failed Expect: 100-continue |
| 418 | I’m a teapot | The server refuses to brew coffee because it is, permanently, a teapot | April Fools’ joke (RFC 2324) |
| 421 | Misdirected Request | The request was directed at a server that is not able to produce a response | Load balancing issues |
| 422 | Unprocessable Entity | The request was well-formed but unable to be followed due to semantic errors | Validation errors, business logic failures |
| 423 | Locked | The resource that is being accessed is locked (WebDAV) | Resource locking in collaborative editing |
| 424 | Failed Dependency | The request failed due to failure of a previous request (WebDAV) | Dependent operations in WebDAV |
| 425 | Too Early | The server is unwilling to risk processing a request that might be replayed | Replay attack protection |
| 426 | Upgrade Required | The server refuses to perform the request using the current protocol | Requiring TLS/SSL, protocol upgrades |
| 428 | Precondition Required | The origin server requires the request to be conditional | Missing If-Match header |
| 429 | Too Many Requests | The user has sent too many requests in a given amount of time | Rate limiting, API throttling |
| 431 | Request Header Fields Too Large | The server is unwilling to process the request because header fields are too large | Excessive cookies, large headers |
| 451 | Unavailable For Legal Reasons | The server is denying access to the resource as a consequence of a legal demand | Government censorship, legal takedowns |
5xx: Server Error Responses
These codes indicate that the server failed to fulfill a valid request.
| Code | Status Message | Description | Common Use Cases |
|---|---|---|---|
| 500 | Internal Server Error | The server encountered an unexpected condition preventing it from fulfilling the request | Unhandled exceptions, coding errors |
| 501 | Not Implemented | The server does not support the functionality required to fulfill the request | Unsupported HTTP methods |
| 502 | Bad Gateway | The server, while acting as a gateway or proxy, received an invalid response from upstream | Proxy server issues, upstream server down |
| 503 | Service Unavailable | The server is currently unable to handle the request due to temporary overload or maintenance | Server maintenance, high traffic |
| 504 | Gateway Timeout | The server, while acting as a gateway or proxy, did not receive a timely response from upstream | Upstream server timeout, slow backend |
| 505 | HTTP Version Not Supported | The server does not support the HTTP protocol version used in the request | Unsupported HTTP version |
| 506 | Variant Also Negotiates | Transparent content negotiation for the request results in a circular reference | Content negotiation errors |
| 507 | Insufficient Storage | The server is unable to store the representation needed to complete the request (WebDAV) | Disk full, storage quota exceeded |
| 508 | Loop Detected | The server detected an infinite loop while processing the request (WebDAV) | Infinite redirects, circular dependencies |
| 510 | Not Extended | Further extensions to the request are required for the server to fulfill it | Extended HTTP features required |
| 511 | Network Authentication Required | The client needs to authenticate to gain network access | Captive portals, WiFi authentication |
Quick Reference: Most Common Status Codes
| Code | When You See It | What to Do |
|---|---|---|
| 200 | Page loads successfully | Nothing - everything is working! |
| 301 | Page has permanently moved | Update bookmarks, links will redirect automatically |
| 302 | Temporary redirect | Usually automatic, but the original URL will work again later |
| 304 | Cached version is being used | Browser is saving bandwidth by using cached copy |
| 400 | Bad request from client | Check URL syntax, form data, or API request format |
| 401 | Login required | Provide valid credentials or sign up for account |
| 403 | Access forbidden | You don’t have permission, even with login |
| 404 | Page not found | Check for typos in URL, or content may have been removed |
| 429 | Too many requests | Wait before trying again, reduce request frequency |
| 500 | Server error | Server-side problem, try again later or contact site admin |
| 502 | Bad gateway | Temporary proxy issue, usually resolves quickly |
| 503 | Service unavailable | Site is down for maintenance or overloaded, try later |
| 504 | Gateway timeout | Server is taking too long to respond, try again later |
Browser Developer Tools Quick Guide
To view status codes in your browser:
-
Chrome/Firefox/Edge:
- Press
F12or right-click → Inspect - Go to "Network" tab
- Refresh the page
- View status codes in the "Status" column
- Press
-
Common Status Code Colors:
- 🟢 Green (2xx): Success
- 🟡 Yellow (3xx): Redirect
- 🔴 Red (4xx/5xx): Error
- 🔵 Blue (1xx): Informational
Best Practices for Web Developers
For Client-Side Errors (4xx):
- 400: Provide specific error messages about what's wrong
- 401: Include
WWW-Authenticateheader for authentication methods - 403: Clearly explain why access is denied (without revealing sensitive info)
- 404: Offer helpful alternatives, search, or navigation
- 429: Include
Retry-Afterheader indicating when to retry
For Server-Side Errors (5xx):
- 500: Log detailed errors server-side but show user-friendly messages
- 503: Include
Retry-Afterheader if downtime is scheduled - Always have custom error pages for better user experience
- Monitor 5xx errors as they indicate server problems
For Redirects (3xx):
- Use 301 for permanent moves (SEO-friendly)
- Use 302/307 for temporary redirects
- Minimize redirect chains (multiple consecutive redirects)
- Test redirects to ensure they work correctly
Interactive Learning Activity
Try this exercise to reinforce your understanding:
- Visit a website and open Developer Tools (F12)
- Go to Network tab and check "Preserve log"
- Navigate through the site
- Identify different status codes in requests
- Note which resources get 200, 304, or other codes
Common findings:
- HTML pages: Usually 200 (or 304 if cached)
- CSS/JS files: 200, 304, or sometimes 404 if missing
- Images: 200, 304, or 404
- API calls: Various codes based on functionality
Frequently Asked Questions
Q: What's the difference between 404 and 410? A: 404 means "not found" but might be available later. 410 means "gone" permanently with no forwarding address.
Q: When should I use 500 vs 503? A: Use 500 for unexpected server errors. Use 503 when you know the service is unavailable (maintenance, overload).
Q: Are status codes case-sensitive? A: No, "404 Not Found" and "404 not found" are equivalent, though the standard capitalization is typically used.
Q: Can I create custom status codes? A: You can use non-standard codes, but clients may not understand them. Stick to standard codes when possible.
Q: Do all HTTP methods return the same status codes? A: No, some codes are method-specific. For example, 201 is typically for POST, 204 for DELETE, etc.
0
likes
Your Feedback
Help us improve by sharing your thoughts
Online Learner helps developers master programming, database concepts, interview preparation, and real-world implementation through structured learning paths.
Quick Links
© 2023 - 2026 OnlineLearner.in | All Rights Reserved.