The HyperText Transfer Protocol (HTTP) defines the method by which a web browser and a web server can communicate with each other. A part of this protocol is the use of status codes. These codes are used as a way of communicating the status of the request between programs easily without the software needing to parse and understand human readable messages. This allows various pieces of software to interact in a simple convenient manner. Any software that then communicates with a user is then responsible for translating these codes into an understandable message when required. Most people will be familiar with some of these, such as the infamous 404 code, and possibly 403. So what does it all mean to the uninitiated?
The codes are grouped by type, with the first digit of the three showing type of code, and the latter two defining the code itself.
Defines informational responses, there are only a couple and it’s unlikely that an end user will ever encounter anything to do with these.
Defines successful responses. There are a fair number of these depending on the request that the web browser has performed. The most common Group 2 codes are:
200 - OK - this is probably the most common code, and indicates a successful transfer of the requested file.
Defines redirection responses. These are used when the server is informing the client that it needs to do something else in order to serve the requested file. Here are some common ones:
301 - Moved Permanently - This is used to inform the browser that the requested file has been moved and that it should instead request the file from the location provided by the server, and remember that new location for future reference. This can only be used with HTTP GET and HEAD requests.
307 - Moved Temporarily - Similar to the 301, the 307 redirect tells the browser that the file has been moved temporarily and that it should be requested from the location provided by the server. Future requests should still be directed to the original file. When requesting the file to which it is redirected the browser should also repeat the same request as it used for the original file, so if a POST request was used, the same request should be used on the new file.
308 - Moved Permanently - This is a hybrid of the 301 and 307 requests. It acts just like the 301 apart from it dictates that when requesting the new file it should repeat the original request.
Defines client side errors, this is where the server believes that the web browser has made an error. Below are some of the common ones:
401 - Unauthorized - This is given when a browser has requested a protected file but either submitted incorrect username/password details or hasn’t tried to authenticate.
403 - Forbidden - This is generally issued when the file requested is valid but the file couldn’t be served, often this is due to a server side permissions issue where the web server isn’t allowed to serve the file to the client.
404 - Not Found - This is probably the most well known and often seen error. It occurs when the web browser has requested a file that does not exist on the server.
Defines server side errors. These are errors that have occurred on the part of the server despite the client providing a valid request. Some commonly encountered Group 5 codes are:
500 - Internal Server Error - This is an unfortunately ambiguous generic error code. It is issued whenever the server is deemed to have encountered an error that doesn’t match any more specific error code.
502 - Bad Gateway - This occurs when the web browser contacts a web server that is acting as a proxy for another server and it gets an invalid response from the other server.
503 - Service Unavailable - This is normally encountered in the case of the server being overloaded or otherwise unable to process the request.
This isn’t an exhaustive list of the HTTP codes by a long shot, there are a fair number and IANA keeps a registry of the official HTTP codes. Although this list should serve as a handy reference to commonly encountered codes if you are developing any web based application, website or configuring a web server.