HTTP Status Codes

Client should continue the request. Server has read the request headers and approves.

Server is switching to the protocol requested by the client (e.g., WebSockets).

Server has received and is processing a long-running request. WebDAV extension.

Preload hints for the final response while the server is still preparing it.

Standard response for successful HTTP requests.

Request has been fulfilled and a new resource was created.

Request has been accepted for processing, but processing is not complete.

Returned metadata is from a local/third-party copy, not the origin.

Request succeeded but the response has no body. Commonly used for DELETE.

Tell the client to reset the document view that caused the request.

Response body contains only part of the resource, as requested via Range.

WebDAV: body contains XML describing multiple status codes for the request.

WebDAV: members of a DAV binding have already been enumerated.

Server has fulfilled a GET using delta encoding.

Multiple possible responses; user or agent must choose one.

Resource has permanently moved to a new URL. Clients/search engines should update.

Temporarily at a different URL. Browsers may change method to GET.

The response to the request can be found at another URL using GET.

Cached version is still valid. Used with conditional GETs (If-Modified-Since).

Resource temporarily at a different URL; method and body must not change.

Resource permanently at a different URL; method and body must not change.

Server cannot process due to client error (malformed syntax, invalid framing).

Authentication is required and has failed or has not been provided.

Reserved for future use. Rarely seen in practice.

Authenticated but lacks permission to access the resource.

Requested resource could not be found. Most famous status code.

Method is not supported for the target resource (e.g., POST on a read-only URL).

Server cannot produce a response matching the client's Accept headers.

Client must authenticate with the proxy first.

Server timed out waiting for the client to send a complete request.

Request conflicts with the current state (e.g., edit conflict, duplicate key).

Resource was removed permanently. No forwarding address.

Server requires a Content-Length header.

Precondition headers (If-Match, If-Unmodified-Since) evaluated false.

Request body is larger than the server is willing to process.

Request URL is too long for the server to process.

Request body format is not supported by the server.

Requested Range header cannot be fulfilled.

Expect request header could not be met.

April Fools joke (RFC 2324). Some servers use it for "blocked" responses.

Request was directed at a server unable to produce a response.

Request was well-formed but had semantic errors (e.g., failed validation).

Resource is locked (WebDAV).

Previous request failed so this one cannot succeed (WebDAV).

Server is unwilling to risk processing a replay-able request.

Client should switch to a different protocol (e.g., TLS).

Origin requires the request to be conditional.

Client has sent too many requests in a given amount of time (rate limiting).

Request headers are too large for the server.

Resource is blocked for legal reasons (censorship, takedowns).

Generic server error. Something went wrong and the server does not want to be specific.

Server does not support the functionality required to fulfill the request.

Upstream server sent an invalid response to the gateway/proxy.

Server is overloaded or down for maintenance.

Gateway/proxy did not receive a timely response from upstream.

Server does not support the HTTP version used in the request.

Content negotiation reference cycle.

Server cannot store the representation needed to complete the request (WebDAV).

Server detected an infinite loop while processing (WebDAV).

Further extensions to the request are required.

Client must authenticate to gain network access (e.g., captive portal).

Cloudflare: origin returned an unexpected response.

Cloudflare: origin refused the connection.

Cloudflare: origin did not respond in time.

Cloudflare: origin cannot be reached (DNS, routing).

Cloudflare: connection established but origin response timed out.

Cloudflare: TLS handshake with origin failed.

Cloudflare: origin certificate is invalid or expired.