Intro | How links work | Client requests | Server response | Caching | Server-side programmes | Negotiation | Cookies | Logs |Authentication | TCP and IP | FAQ

The response returned by the server

Outline

What the server returns consists of a line with the status code, a list of header fields, a blank line and then the requested document, if it is returned at all. Sort of like this:

HTTP/1.0 code text
Field1: Value1
Field2: Value2

...Document content here...

The status codes

The status codes are all three-digit numbers that are grouped by the first digit into 5 groups. The reason phrases given with the status codes below are just suggestions. Server can return any reason phrase they wish.

1xx: Informational

No 1xx status codes are defined, and they are reserved for experimental purposes only.

2xx: Successful

Means that the request was processed successfully.

200 OK

Means that the server did whatever the client wanted it to, and all is well.

Others

The rest of the 2xx status codes are mainly meant for script processing and are not often used.

3xx: Redirection

Means that the resource is somewhere else and that the client should try again at a new address.

301 Moved permanently

The resource the client requested is somewhere else, and the client should go there to get it. Any links or other references to this resource should be updated.

302 Moved temporarily

This means the same as the 301 response, but links should now not be updated, since the resource may be moved again in the future.

304 Not modified

This response can be returned if the client used the if-modified-since header field and the resource has not been modified since the given time. Simply means that the cached version should be displayed for the user.

4xx: Client error

Means that the client screwed up somehow, usually by asking for something it should not have asked for.

400: Bad request

The request sent by the client didn't have the correct syntax.

401: Unauthorized

Means that the client is not allowed to access the resource. This may change if the client retries with an authorization header.

403: Forbidden

The client is not allowed to access the resource and authorization will not help.

404: Not found

Seen this one before? :) It means that the server has not heard of the resource and has no further clues as to what the client should do about it. In other words: dead link.

5xx: Server error

This means that the server screwed up or that it couldn't do as the client requested.

500: Internal server error

Something went wrong inside the server.

501: Not implemented

The request method is not supported by the server.

503: Service unavailable

This sometimes happens if the server is too heavily loaded and cannot service the request. Usually, the solution is for the client to wait a while and try again.

The response header fields

These are the header fields a server can return in response to a request.

Location

This tells the user agent where the resource it requested can be found. The value is just the URL of the new resource.

Server

This tells the user agent which web server is used. Nearly all web servers return this header, although some leave it out.

Content-length

This gives the size of the resource, in bytes.

Content-type

This describes the file format of the resource.

Content-encoding

This means that the resource has been coded in some way and must be decoded before use.

Expires

This field can be set for data that are updated at a known time (for instance if they are generated by a script). It is used to prevent browsers from caching the resource beyond the given date.

Last-modified

This tells the browser when the resource was last modified. Can be useful for mirroring, update notification etc.