Loading tool...
Visual Content Security Policy builder. Create CSP headers to protect against XSS and code injection attacks
Generate Subresource Integrity (SRI) hashes for scripts and stylesheets. Protect against CDN compromise and tampering
Calculate IPv4 and IPv6 subnet details including network address, broadcast, host range, netmask, and wildcard mask
Complete reference for all HTTP status codes with detailed explanations, use cases, and troubleshooting guidance. Web developers and API implementers need to understand what status codes mean, when to use each one, and how clients should respond to them. HTTP status codes are divided into five categories—1xx Informational, 2xx Success, 3xx Redirection, 4xx Client Error, and 5xx Server Error—each serving distinct purposes in HTTP communication. This comprehensive reference provides the full text of all standard status codes with clear explanations of what each means, the correct scenarios for their use, common troubleshooting approaches, and examples of when servers should return specific codes. Whether you're building REST APIs, debugging unexpected HTTP responses, learning web development, implementing error handling, or working with client-server architecture, quick access to status code meanings and proper usage prevents bugs and improves API design.
Choose appropriate status codes for API endpoints, ensuring clients receive the right information about request success, redirects, or errors.
Understand what status codes in logs and error messages mean, identifying the root cause of request failures or unexpected responses.
Understand HTTP fundamentals and how status codes communicate request outcomes to clients and browsers.
Implement proper client-side error handling based on status code categories and meanings.
Quickly look up status code meanings without leaving your IDE or development environment.
Provide accurate documentation explaining which status codes your API returns and what they signify.
The Hypertext Transfer Protocol (HTTP) has been the communication backbone of the World Wide Web since Tim Berners-Lee defined HTTP/0.9 in 1991. Status codes were introduced with HTTP/1.0 in 1996 (RFC 1945) and significantly expanded in HTTP/1.1 (RFC 2616), establishing the three-digit response code system that remains fundamental to web communication today. Every HTTP response begins with a status line containing the protocol version, a three-digit status code, and a human-readable reason phrase, enabling both machines and developers to understand the outcome of a request.
Status codes are organized into five categories based on their first digit. The 1xx Informational codes (like 100 Continue and 101 Switching Protocols) indicate that the server has received the request headers and the client should proceed. The 2xx Success codes confirm successful processing, with 200 OK being the most common, while 201 Created signals resource creation and 204 No Content confirms success without a response body. The 3xx Redirection codes instruct clients to take additional action, most importantly distinguishing between 301 Moved Permanently (which search engines treat as a permanent URL change) and 302 Found (a temporary redirect that preserves the original URL in search indexes).
The 4xx Client Error codes indicate problems with the request itself. The ubiquitous 404 Not Found means the resource does not exist at the requested URL. The 401 Unauthorized code (which despite its name actually means unauthenticated) indicates that valid credentials are required, while 403 Forbidden means the server refuses to authorize the request even if the client is authenticated. The 429 Too Many Requests code, added in RFC 6585, has become essential for rate limiting in modern APIs. The 5xx Server Error codes indicate that the server failed to fulfill a valid request, with 500 Internal Server Error as the generic fallback, 502 Bad Gateway indicating upstream server issues, and 503 Service Unavailable signaling temporary overload or maintenance.
In REST API design, proper status code usage is a cornerstone of good API architecture. RESTful conventions establish patterns like returning 201 Created with a Location header for POST requests that create resources, 204 No Content for successful DELETE operations, and 409 Conflict when a request conflicts with the current resource state. Modern HTTP/2 and HTTP/3 protocols maintain the same status code semantics while improving transport efficiency through multiplexing and header compression, ensuring that the status code system remains relevant as the protocol evolves.
4xx codes indicate client-side errors where the request was invalid (e.g., 404 Not Found, 401 Unauthorized). 5xx codes indicate server-side errors where the server failed to fulfill a valid request.
A 301 is a permanent redirect telling browsers and search engines the resource has moved permanently. A 302 is a temporary redirect, meaning the original URL should still be used in the future.
A 403 means the server understood the request but refuses to authorize it. This usually occurs when you lack the necessary permissions to access the resource, even if authenticated.
Both indicate success, but 200 OK includes a response body with data, while 204 No Content confirms the action succeeded without returning any data. 204 is common for DELETE operations.
All processing happens directly in your browser. Your files never leave your device and are never uploaded to any server.