HTTP Status Codes and Their Meanings

HTTP Status Codes and Their Meanings

HTTP status codes are response result codes from the server to a client's request, indicating the processing status of the request. They consist of three digits, where the first digit defines the status type, and the last two indicate the specific status. Status codes are divided into five categories; let's analyze the characteristics of each category and common status codes step by step.

1. Status Code Categories (Defined by the First Digit)

  • 1xx (Informational Status Codes): The request has been received and needs further processing. For example, the server has received the request headers, and the client should continue sending the request body.
  • 2xx (Success Status Codes): The request was successfully processed by the server. Examples:
    • 200 OK: The request succeeded, and the response body contains the requested resource (e.g., an HTML page or data).
    • 201 Created: The request succeeded, and the server created a new resource (common in POST requests).
    • 204 No Content: The request succeeded, but the response body contains no content (e.g., a successful DELETE request response).
  • 3xx (Redirection Status Codes): The client needs to take further action to complete the request. Examples:
    • 301 Moved Permanently: The resource has been permanently moved to a new URL; the client should update bookmarks.
    • 302 Found: The resource is temporarily available at a different URL. The client should use the new URL for this request but continue using the original address for subsequent requests.
    • 304 Not Modified: The resource has not been modified; the client can use its local cache (used in conjunction with request headers like If-Modified-Since).
  • 4xx (Client Error Status Codes): The client's request is incorrect. Examples:
    • 400 Bad Request: The request message contains a syntax error (e.g., incorrect parameter format).
    • 401 Unauthorized: Authentication is required (e.g., accessing restricted resources without logging in).
    • 403 Forbidden: The server refuses the request (possibly due to insufficient permissions).
    • 404 Not Found: The requested resource does not exist on the server.
  • 5xx (Server Error Status Codes): The server encountered an error while processing the request. Examples:
    • 500 Internal Server Error: An internal server error occurred (e.g., code exception).
    • 502 Bad Gateway: When acting as a gateway or proxy, the server received an invalid response from the upstream server.
    • 503 Service Unavailable: The server is temporarily overloaded or under maintenance.

2. Detailed Scenario Analysis of Key Status Codes

  • 301 vs. 302 Redirects:
    • 301 is a permanent redirect. For example, when a website upgrades its domain from HTTP to HTTPS, it should return a 301, prompting the browser to cache the new address and directly access the new URL for subsequent requests.
    • 302 is a temporary redirect. For example, short URL services use 302 to ensure each request visits the original URL before redirecting, preventing browser caching from affecting statistics.
  • 401 vs. 403 Permission Issues:
    • 401 requires the client to provide authentication information (e.g., a pop-up prompting for a password). If authentication fails, the server may return 401 again.
    • 403 directly denies access, and even repeated authentication will not grant access (e.g., a regular user attempting to access an admin page).
  • 500 vs. 503 Service Exceptions:
    • 500 indicates a server code error (e.g., a failed database connection) that requires program fixes.
    • 503 indicates temporary unavailability (e.g., due to a traffic surge), and the client can retry later.

3. Considerations for Status Codes in Practice

  • Browsers have automatic handling mechanisms for certain status codes: for example, automatically redirecting to the URL specified in the Location header upon receiving 301/302.
  • 4xx errors typically require the client to review and correct request parameters, while 5xx errors need to be investigated server-side.
  • Some status codes must be used in conjunction with response headers: for example, 304 works with ETag or Last-Modified headers for cache validation.

Through status codes, developers can quickly identify the direction of issues and improve debugging efficiency. In practice, servers should return the correct status codes to avoid misleading client behavior.