Security+
Noteworthy HTTP Status Codes
HTTP Status Codes: As web server responses are received by your browser, they will include a status code to signal what type of response it is.
There are over 50 numerical HTTP responses codes grouped into five families that provide similar type of status codes.
Knowing what each type of response family represents allows you to gain an understanding of how your input was processed by the application.
- 100s: These responses are purely informational from the web server and usually mean that additional responses from the web server are forthcoming. These are rarely seen in modern web server responses and are usually followed close after with another type of response introduced below.
- 200s: These responses signal the client’s request was successfully accepted and processed by the web server and the response has been sent back to your browser. The most common HTTP status code is 200 OK.
- 300s: These responses are used to signal redirection where additional responses will be sent to the client. The most common implementation of this is to redirect a user’s browser to a secure homepage after successfully authenticating to the web application. This would actually be a 302 Redirect to send another response that would be delivered with a 200 OK.
- 400s: These responses are used to signal an error in the request from the client. This means the user has sent a request that can’t be processed by the web application, thus one of these common status codes is returned: 401 Unauthorized, 403 Forbidden, and 404 Not Found.
- 500s: These responses are used to signal an error on the server side. The most common status cods used in this family are the 500 Internal Server Error and 500 Service Unavailable.
Full details on all of the HTTP status codes can be reviewed in greater detail at http://www.w3.org/Protocols/rfc2616-sec10.html.