HTTP

Hyper Text Transfer Protocol

Reprinted by permission from Matt Musselman

Table of Contents

Error Codes and Their Meanings
Method Names and Their Meanings
For More Information

HTTP Error Codes and Their Meanings

Error Number Name Method Description
200 OK GET, HEAD Document was successfully transferred. No error.
201 Created POST, PUT POST or PUT was successful. No error.
202 Accepted GET, HEAD, DELETE, POST, PUT Request was accepted without error, but the request will be processed later.
203 Provisional Information GET, HEAD, POST Request succesful, but response consists of cached or non-authoritative information
204 No Response GET, HEAD, POST Request was successful, but there is no data to send
205 Deleted DELETE Document will be deleted as requested
206 Modified PUT Document will be modified as requested
301 Moved Permanently GET, HEAD, POST, PUT Document has a new permanent URI. Browsers with support redirection should direct future requests to the new URI
302 Moved Temporarily GET, HEAD, POST, PUT Document has temporarily moved to a new URI. Browser should redirect this request to the new URI, but future requests should still try the original URI first.
304 Not Modified GET Document has not changed since the date and time specified in the If-Modified-Since field.
400 Bad Request
401 Unauthorized

Username and password do not match with an allowed username and password for a protected directory

Encryption failure

403 Forbidden

File requested is not readable by user nobody
Access to the file, directory, or index is prohibited in access.conf or httpd.conf

404 Not Found Requested file or directory does not exist
500 Internal Server Error

HTTP header error
Executable content generated an error on the server

501 Not Implemented Object does not support the HTTP method used (e.g. POST instead of GET)
502 Service Temporarily Overloaded httpd is unable to spawn a child process to handle the request, either because the system is out of resources, or in accordance with configuration constraints
503 Service Unavailable A timeout occurred while waiting for a response from the port specified

HTTP Methods

Method Implementations Description Cached?
GET

"Standard" Hypertext document viewing
Read only CGI applications (URL based)
Search engines
A GET request will cause the server to respond with the entire header and body of the document specified. The URI may also include query information which can be utilized by CGI to customize the information presented or to search for particular information.
While it is possible to pass write data to an application via GET, the practice is not recommended as it poses significant security risks, since URI information can easily be manipulated by the end-user.
Yes.
PUT

Some web publishing applications, including MS FrontPage
A PUT request will cause the object body data to be saved to the URI location specified. Some publishing implementations, most notoriously Microsoft FrontPage, use this as an alternative to FTP for publishing web content. Obviously, the server must be specifically configured to allow PUT requests, since they are disabled by default for security reasons.
POST

Read/write CGI applications (form based)
The POST method passes the object body data to the application at the specified URI for processing. This is the preferred method for passing write data to the server, since it cannot be easily manipulated. Never.
DELETE

Some web publishing applications
No.
HEAD

Web caching servers
Search engines
Link validation software
The HEAD method will cause the server to response with the header information for the document without the Object Body information. Compare to GET, which elicits a response containing both header and body information.
Via the information returned from a HEAD request, a web cache or validation tool can verify that a document exists and determine whether it has been updated since it was last retrieved.
Ideally not.
OPTIONS

Unknown

The OPTIONS method causes the server to respond with the options of what can be performed on the specified document. OPTIONS is very rarely implemented on most servers, and usually elicits an Error 500 (Internal Server Error) No.
LINK

UNLINK

TRACE

Server management software
Manual HTTP troubleshooting
When a server receives a TRACE command/method, it will respond with the text 'TRACE' to indicate that it is functioning properly. The TRACE method is HTTP's rough equivalent to the layer 3 ping command.
Also, when a TRACE is issued, all proxies and caching servers along the path will insert their information into the Via header field, so that upon deeper analysis, the entity which submitted the TRACE can identify if and where such equipment exists along the network path.
Ideally not.

For More Information

RFC-2616, Hypertext Transfer Protocol HTTP/1.1

HTTP 1.1 latest revision

RFC-2068, Hypertext Transfer Protocol HTTP/1.1

HTTP 1.1 initial specifications
RFC-1945, Hypertext Transfer Protocol HTTP/1.0

The original HTTP 1.0 specifications

RFC-2660, The Secure Hypertext Transfer Protocol

Original specifications for HTTPS

RFC-1866, Hypertext Markup Language (HTML)

HTML 1.0 original specifications

Apache Page

Gives information about Apache, the web's most popular HTTP server.

NCSA page

Exhaustive information on the NCSA webserver, upon which Apache was based.

Last updated 8 Oct 1999

Please report any problems or comments to webmaster@ringofsaturn.com

Error Number	Name	Method	Description
200	OK	GET, HEAD	Document was successfully transferred. No error.
201	Created	POST, PUT	POST or PUT was successful. No error.
202	Accepted	GET, HEAD, DELETE, POST, PUT	Request was accepted without error, but the request will be processed later.
203	Provisional Information	GET, HEAD, POST	Request succesful, but response consists of cached or non-authoritative information
204	No Response	GET, HEAD, POST	Request was successful, but there is no data to send
205	Deleted	DELETE	Document will be deleted as requested
206	Modified	PUT	Document will be modified as requested
301	Moved Permanently	GET, HEAD, POST, PUT	Document has a new permanent URI. Browsers with support redirection should direct future requests to the new URI
302	Moved Temporarily	GET, HEAD, POST, PUT	Document has temporarily moved to a new URI. Browser should redirect this request to the new URI, but future requests should still try the original URI first.
304	Not Modified	GET	Document has not changed since the date and time specified in the If-Modified-Since field.
400	Bad Request
401	Unauthorized		Username and password do not match with an allowed username and password for a protected directory Encryption failure
403	Forbidden		File requested is not readable by user nobody Access to the file, directory, or index is prohibited in access.conf or httpd.conf
404	Not Found		Requested file or directory does not exist
500	Internal Server Error		HTTP header error Executable content generated an error on the server
501	Not Implemented		Object does not support the HTTP method used (e.g. POST instead of GET)
502	Service Temporarily Overloaded		httpd is unable to spawn a child process to handle the request, either because the system is out of resources, or in accordance with configuration constraints
503	Service Unavailable		A timeout occurred while waiting for a response from the port specified

Method	Implementations	Description	Cached?
GET	"Standard" Hypertext document viewing Read only CGI applications (URL based) Search engines	A GET request will cause the server to respond with the entire header and body of the document specified. The URI may also include query information which can be utilized by CGI to customize the information presented or to search for particular information. While it is possible to pass write data to an application via GET, the practice is not recommended as it poses significant security risks, since URI information can easily be manipulated by the end-user.	Yes.
PUT	Some web publishing applications, including MS FrontPage	A PUT request will cause the object body data to be saved to the URI location specified. Some publishing implementations, most notoriously Microsoft FrontPage, use this as an alternative to FTP for publishing web content. Obviously, the server must be specifically configured to allow PUT requests, since they are disabled by default for security reasons.
POST	Read/write CGI applications (form based)	The POST method passes the object body data to the application at the specified URI for processing. This is the preferred method for passing write data to the server, since it cannot be easily manipulated.	Never.
DELETE	Some web publishing applications		No.
HEAD	Web caching servers Search engines Link validation software	The HEAD method will cause the server to response with the header information for the document without the Object Body information. Compare to GET, which elicits a response containing both header and body information. Via the information returned from a HEAD request, a web cache or validation tool can verify that a document exists and determine whether it has been updated since it was last retrieved.	Ideally not.
OPTIONS	Unknown	The OPTIONS method causes the server to respond with the options of what can be performed on the specified document. OPTIONS is very rarely implemented on most servers, and usually elicits an Error 500 (Internal Server Error)	No.
LINK
UNLINK
TRACE	Server management software Manual HTTP troubleshooting	When a server receives a TRACE command/method, it will respond with the text 'TRACE' to indicate that it is functioning properly. The TRACE method is HTTP's rough equivalent to the layer 3 ping command. Also, when a TRACE is issued, all proxies and caching servers along the path will insert their information into the Via header field, so that upon deeper analysis, the entity which submitted the TRACE can identify if and where such equipment exists along the network path.	Ideally not.