http headers and status codes
The HTTP headers are used to pass additional information between the clients and the server through the request and response header. They are case-insensitive, separated by colon, key-value pairs, in clear-text string format.
Let’s look at some sample server headers
Authorization — Used to request restricted documents.
Proxy- Authenticate — It is a response header gives access to a resource file by defining an authorization method. It allows the proxy server to transmit the request further by authenticating it.
Proxy-Authorization — It is a request type of header. This header contains the credentials to authenticate between the user agent and the user-specified server.
WWW — AuthenticateIt is a response header that defines the authentication method. It should be used to gain access to a resource.
Some sample server headers
Age — It is a response header. It defines the times in seconds of the object that have been in the proxy cache.
Cache — ControlIt is a general type header used to specify directives for caching mechanisms.
Clear-Site-Data — It is a response-type header. This header is used in deleting the browsing data which is in the requesting website.
Expires — It is a response-type header, it is used to define date/time after after that time that will be vanished.
Pragma — It is general-type header, but response behavior is not specified and thus implementation-specific.
Warnings — It is a general type header that is used to inform possible problems to the client.
Now lets look at few status codes.
- Status Code 200 — A standard “OK” status code for a successful HTTP request. The response that is returned is dependent on the request. For example, for a GET request, the response will be included in the message body. For a PUT/POST request, the response will include the resource that contains the result of the action.
- Status Code 201 — A status code that confirms that the request was successful and, as a result, a new resource was created. Typically, this is the status code that is sent after a POST/PUT request.
- Status Code 204 — Confirms that the server has fulfilled the request but does not need to return information. Examples of this status code include delete requests or if a request was sent via a form and the response should not cause the form to be refreshed or for a new page to load.
- Status Code 304 — Used for browser caching. If the response has not been modified, the client/user can continue to use the same response/cached version. For example, a browser can request if a resource has been modified since a specific time. If it hasn’t, the status code 304 is sent. If it has been modified, a status code 200 is sent, along with the resource.
- Status Code 400 — The server cannot understand and process a request due to a client error. Missing data, domain validation, and invalid formatting are some examples that cause the status code 400 to be sent.
- Status Code 401 — This status code request occurs when authentication is required but has failed or not been provided.
- Status Code 403 — Very similar to status code 401, a status code 403 happens when a valid request was sent, but the server refuses to accept it. This happens if a client/user requires the necessary permission or they may need an account to access the resource. Unlike a status code 401, authentication will not apply here.
- Status Code 404 — The most common status code the average user will see. A status code 404 occurs when the request is valid, but the resource cannot be found on the server. Even though these are grouped in the Client Errors “bucket,” they are often due to improper URL redirection.
- Status Code 409 — A status code 409 is sent when a request conflicts with the current state of the resource. This is usually an issue with simultaneous updates, or versions, that conflict with one another.
- Status Code 410 — Resource requested is no longer available and will not be available again. Learn about network error 410.
- Status Code 500 — Another one of the more commonly seen status codes by users, the 500 series codes are similar to the 400 series codes in that they are true error codes. The status code 500 happens when the server cannot fulfill a request due to an unexpected issue. Web developers typically have to comb through the server logs to determine where the exact issue is coming from.