Security Testing - HTTP Status Codes

HTTP Status Codes

The Status-Code element in a server response is a 3-digit integer where the first digit defines the class of response and the last two digits do not have any categorization role. There are 5 values for the first digit:

S.N. Code and Description
1. 1xx: Informational
   This means the request was received and the process is continuing.
2. 2xx: Success
   This means the action was successfully received, understood, and accepted.
3. 3xx: Redirection
   This means further action must be taken in order to complete the request.
4. 4xx: Client Error
   This means the request contains bad syntax or cannot be fulfilled.
5. 5xx: Server Error
   This means the server failed to fulfill an apparently valid request.

HTTP status codes are extensible, and HTTP applications are not required to understand the meaning of all registered status codes. The following is a list of all the status codes.

1xx: Information

Message: Description
100 Continue: Only a part of the request has been received by the server, but as long as it has not been rejected, the client should continue with the request.
101 Switching Protocols: The server switches protocol.

2xx: Successful

Message: Description
200 OK: The request is OK.
201 Created: The request is complete, and a new resource is created.
202 Accepted: The request is accepted for processing, but the processing is not complete.
203 Non-authoritative Information: The information in the entity header is from a local or third-party copy, not from the original server.
204 No Content: A status code and header are given in the response, but there is no entity-body in the reply.
205 Reset Content: The browser should clear the form used for this transaction for additional input.
206 Partial Content: The server is returning partial data of the size requested. Used in response to a request specifying a Range header. The server must specify the range included in the response with the Content-Range header.

3xx: Redirection

Message: Description
300 Multiple Choices: A link list. The user can select a link and go to that location. Maximum five addresses.
301 Moved Permanently: The requested page has moved to a new URL.
302 Found: The requested page has moved temporarily to a new URL.
303 See Other: The requested page can be found under a different URL.
304 Not Modified: This is the response code to an If-Modified-Since or If-None-Match header, where the URL has not been modified since the specified date.
305 Use Proxy: The requested URL must be accessed through the proxy mentioned in the Location header.
306 Unused: This code was used in a previous version. It is no longer used, but the code is reserved.
307 Temporary Redirect: The requested page has moved temporarily to a new URL.

4xx: Client Error

Message: Description
400 Bad Request: The server did not understand the request.
401 Unauthorized: The requested page needs a username and a password.
402 Payment Required: You cannot use this code yet.
403 Forbidden: Access is forbidden to the requested page.
404 Not Found: The server cannot find the requested page.
405 Method Not Allowed: The method specified in the request is not allowed.
406 Not Acceptable: The server can only generate a response that is not accepted by the client.
407 Proxy Authentication Required: You must authenticate with a proxy server before this request can be served.
408 Request Timeout: The request took longer than the server was prepared to wait.
409 Conflict: The request could not be completed because of a conflict.
410 Gone: The requested page is no longer available.
411 Length Required: The "Content-Length" is not defined. The server will not accept the request without it.
412 Precondition Failed: The precondition given in the request evaluated to false by the server.
413 Request Entity Too Large: The server will not accept the request, because the request entity is too large.
414 Request-url Too Long: The server will not accept the request, because the URL is too long. Occurs when you convert a "post" request to a "get" request with long query information.
415 Unsupported Media Type: The server will not accept the request, because the media type is not supported.
416 Requested Range Not Satisfiable: The requested byte range is not available and is out of bounds.
417 Expectation Failed: The expectation given in an Expect request-header field could not be met by this server.

5xx: Server Error

Message: Description
500 Internal Server Error: The request was not completed. The server met an unexpected condition.
501 Not Implemented: The request was not completed. The server did not support the functionality required.
502 Bad Gateway: The request was not completed. The server received an invalid response from the upstream server.
503 Service Unavailable: The request was not completed. The server is temporarily overloaded or down.
504 Gateway Timeout: The gateway has timed out.
505 HTTP Version Not Supported: The server does not support the "http protocol" version.
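
The first-digit rule and the note that applications need not understand every registered code can be combined in a strict status-line check. The following is an added example, not code from the original page; the function names, the KNOWN subset and the HTTP/1.x status-line layout are assumptions of the example, and the sample lines are constructed.

```python
import re

# Response classes keyed by the first digit of the status code.
CLASSES = {1: "Informational", 2: "Success", 3: "Redirection",
           4: "Client Error", 5: "Server Error"}

# A handful of codes from the tables on this page (subset chosen for the example).
KNOWN = {200: "OK", 301: "Moved Permanently", 401: "Unauthorized",
         403: "Forbidden", 404: "Not Found", 500: "Internal Server Error"}

# HTTP/1.x status line: version, space, exactly three ASCII digits, optional reason.
STATUS_LINE = re.compile(r"HTTP/[0-9]\.[0-9] ([0-9]{3})(?: ([^\r\n]*))?")


def parse_status_line(line):
    """Return (code, class_name, meaning); raise ValueError if malformed."""
    m = STATUS_LINE.fullmatch(line.rstrip("\r\n"))
    if m is None:
        raise ValueError("malformed status line: %r" % line)
    code = int(m.group(1))
    cls = CLASSES.get(code // 100)
    if cls is None:
        raise ValueError("first digit outside 1-5: %d" % code)
    # An unrecognized code is still handled by its class. The reason phrase is
    # server-chosen free text, so it is never used to decide the meaning.
    meaning = KNOWN.get(code, "unrecognized %dxx code" % (code // 100))
    return code, cls, meaning


def triage(lines):
    """Parse each line; malformed ones become ('rejected', reason)."""
    out = []
    for line in lines:
        try:
            out.append(parse_status_line(line))
        except ValueError as exc:
            out.append(("rejected", str(exc)))
    return out


# Constructed sample lines, not captured from a real server.
SAMPLES = ["HTTP/1.1 200 OK\r\n",
           "HTTP/1.1 299 Forbidden\r\n",   # unlisted 2xx with a misleading reason
           "HTTP/1.1 2000 OK\r\n",         # four digits
           "HTTP/1.1 600 Custom\r\n"]      # no such class

if __name__ == "__main__":
    for result in triage(SAMPLES):
        print(result)
```

The 299 line shows why the class comes from the digit and not from the text after it: the response is still a 2xx success even though the server wrote "Forbidden".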
