The 400 (Bad Request) status code indicates that the server cannot or will not process the request due to something that is perceived to be a client error. This includes a different syntax of the data send by the client or a format that the server is not configured to understand, invalid request message framing, or deceptive request routing.
Returning a bad request status is sometimes helpful as it helps for security reasons. The data sent by the frontend, is first validated in a backend app before it reaches the server. This way, if the data sent by the frontend is not in the expected format, it never reaches the server. This is helpful because sometimes people have bad intentions against the server and try to inject malicious scripts alongside the data sent.
Status 401: Unauthorized
The HyperText Transfer Protocol (HTTP) 401 Unauthorized response status code indicates that the client request has not been completed because it lacks valid authentication credentials for the requested resource.
This status code is similar to the 403 Forbidden status code, except that in situations resulting in this status code, user authentication can allow access to the resource.
Status 402: Payment Required
The 402 (Payment Required) status code is reserved for future use. It was created to enable digital cash or (micro) payment systems and is expected to indicate that the requested content is not available until the client makes a payment.
Status 403: Forbidden
The HTTP 403 Forbidden response status code indicates that the server understands the request but refuses to authorize it.
This status is similar to 401, but for the 403 Forbidden status code re-authenticating makes no difference. The access is permanently forbidden and tied to the application logic, such as insufficient rights to a resource.
A server that wishes to
make public why the request has been forbidden can describe that
reason in the response payload (if any).
If authentication credentials were provided in the request, the
server considers them insufficient to grant access.
The client
SHOULD NOT automatically repeat the request with the same
credentials. The client MAY repeat the request with new or different
credentials. However, a request might be forbidden for reasons
unrelated to the credentials.
If the server wants to "hide" the current existence of a
forbidden target resource can instead respond with a status code of
404 (Not Found).
Status 404: Not Found
The HTTP 404 Not Found response status code indicates that the server cannot find the requested resource.
Links that lead to a 404 page are often called broken or dead links and can be subject to link rot.
A 404 status code only indicates that the resource is missing: not whether the absence is temporary or permanent.
If a resource is permanently removed, the 410 (Gone) status is used instead.
Status 405: Method Not Allowed
The HyperText Transfer Protocol (HTTP) 405 Method Not Allowed response status code indicates that the server knows the request method, but the target resource doesn't support this method.
The server must generate an Allow header field in a 405 status code response. The field must contain a list of methods that the target resource currently supports.
Status 406: Not Acceptable
The HyperText Transfer Protocol (HTTP) 406 Not Acceptable client error response code indicates that the server cannot produce a response matching the list of acceptable values defined in the request's content headers. Through this status code the server is unwilling to supply a default representation.
In practice, this error is very rarely used. Instead of responding using this error code, which would be cryptic for the end user and difficult to fix, servers ignore the relevant header and serve an actual page to the user. It is assumed that even if the user won't be completely happy, they will prefer this to an error code.
If a server returns such an error status, the body of the message should contain the list of the available representations of the resources, allowing the user to choose among them.
Status 407: Proxy Authentication Required
The HTTP 407 Proxy Authentication Required status code indicates that the request has not been applied because it lacks valid authentication credentials for a proxy server that is between the browser and the server that can access the requested resource.
This status is sent with a Proxy-Authenticate header that contains information on how to authorize correctly.
Status 408: Request Timeout
The HyperText Transfer Protocol (HTTP) 408 Request Timeout status code means that the server would like to shut down this unused connection. It is sent on an idle connection by some servers, even without any previous request by the client.
A server should send the "close" Connection header field in the response, since 408 implies that the server has decided to close the connection rather than continue waiting.
This response is used much more since some browsers, like Chrome, Firefox 27+, and IE9, use HTTP pre-connection mechanisms to speed up surfing.
Status 409: Conflict
The HTTP 409 Conflict status code indicates a request conflict with the current state of the target resource.
Conflicts are most likely to occur in response to a PUT request. For example, you may get a 409 response when uploading a file that is older than the existing one on the server, resulting in a version control conflict.
This code is used in situations where the user might be
able to resolve the conflict and resubmit the request. The server
SHOULD generate a payload that includes enough information for a user
to recognize the source of the conflict.
Status 410: Gone
The HyperText Transfer Protocol (HTTP) 410 Gone status code indicates that access to the target resource is no longer available at the origin server and that this condition is likely to be permanent.
If you don't know whether this condition is temporary or permanent, a 404 status code should be used instead.
0 Comments
Post a Comment
Your opinion matters!