Santhosh Kumar edited this page May 2, 2024 · 2 revisions

SSL/TLS

1xx Informational

HTTP/1.0 does not define any 1xx status codes, so a server MUST NOT send a 1xx response to an HTTP/1.0 client.

100 - Continue

  • When the request contains an Expect header field that includes a 100-continue expectation,
    the 100 response indicates that the server wishes to receive the request content

2xx Success

200 OK

204 No Content

  • Successful result of a PUT or DELETE method
  • Save and Continue editing functionality
  • Cacheable by default, provided an ETag is included in the response
  • Can be used as a response to a CORS preflight fetch, but Firefox seemed to have an issue with it around 2020, so use 200

3xx Redirection Messages

301 - Moved Permanently, 308 - Permanent Redirect

  • browser redirects to the new URL and search engines update their links to the resource.
  • Use 301 code only as a response for GET and HEAD methods.
  • Use the 308 code for POST methods, as changing the method is explicitly prohibited

302 - Found, 307 - Temporary Redirect

  • browser redirects to this page but search engines don't update their links to the resource (in 'SEO-speak', it is said that the 'link-juice' is not sent to the new URL)
  • Use 302 code only as a response for GET and HEAD methods.
  • 307 guarantees that the method and the body will not be changed when the redirected request is made

303 - See other

  • Use when you want the method of the redirected request to be changed to GET.
  • This is useful when you want to give a response to a PUT method that is not the uploaded resource but a confirmation message such as: 'you successfully uploaded XYZ'

4xx Client Error Responses

401 Unauthorized

  • the client request has not been completed because it lacks valid authentication credentials for the requested resource.
  • user authentication can allow access to the resource.

403 Forbidden

  • server understands the request but refuses to authorize it
  • user authentication will not allow access to the resource.

405 Method Not Allowed

  • target resource doesn't allow the method in request-line
  • origin server must generate an Allow header field in a 405 response containing the methods supported by the target resource
  • this response is heuristically cacheable, unless explicit caching directives in a Cache-Control header say otherwise

Allow: GET, POST, HEAD

406 Not Acceptable

If the Accept header does not specify any known media types, the web server could generate an HTTP 406 (Not Acceptable) response message or return a message with a default media type.

415 Unsupported Media Type

  • Server refuses to accept the request because the payload is in an unsupported format
  • The format problem may be due to the 'Content-Type' or 'Content-Encoding', or be found by the application inspecting the data directly
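
The 401, 403, 405 and 415 entries above can be read as one decision sequence on the server. The following is an added example, not part of the original page: the route table, the users, the `decide`, `authenticate` and `basic_header` names, the use of Basic authentication and the order of the checks are all assumptions made for illustration.

```python
import base64
import hmac

# Constructed sample data: one resource and two users (all values are assumptions).
ROUTES = {"/reports": {"methods": ("GET", "HEAD", "POST"),
                       "writers": {"alice"},
                       "consumes": {"application/json"}}}
USERS = {"alice": "s3cret-a", "bob": "s3cret-b"}

def basic_header(user, password):
    """Build an Authorization header value for the sample requests."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()

def authenticate(headers):
    """Return the user name for valid Basic credentials, else None."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        user, _, password = base64.b64decode(token, validate=True).decode().partition(":")
    except ValueError:  # malformed base64 or non-UTF-8 bytes
        return None
    expected = USERS.get(user)
    # Compare in constant time so the check does not leak how much matched.
    if expected is not None and hmac.compare_digest(password.encode(), expected.encode()):
        return user
    return None

def decide(method, path, headers):
    """Return (status, response_headers); header names are matched exactly here."""
    route = ROUTES.get(path)
    if route is None:
        return 404, {}
    if method not in route["methods"]:
        # 405 must carry an Allow header listing the supported methods.
        return 405, {"Allow": ", ".join(route["methods"])}
    user = authenticate(headers)
    if user is None:
        # 401: valid credentials could still grant access, so send a challenge.
        return 401, {"WWW-Authenticate": 'Basic realm="reports"'}
    if method == "POST":
        if user not in route["writers"]:
            # 403: the identity is known; authenticating again will not help.
            return 403, {}
        media_type = headers.get("Content-Type", "").split(";")[0].strip().lower()
        if media_type not in route["consumes"]:
            return 415, {}
        return 204, {}
    return 200, {}
```
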