- Security Testing Tutorial
- Security Testing - Home
- Security Testing - Overview
- Security Testing - Process
- Security Testing - Malicious Software
- HTTP Protocol Basics
- HTTPS Protocol Basics
- Encoding and Decoding
- Security Testing - Cryptography
- Security Testing - Same Origin Policy
- Security Testing - Cookies
- Hacking Web Applications
- Security Testing - Injection
- Testing Broken Authentication
- Testing Cross Site Scripting
- Insecure Direct Object Reference
- Testing Security Misconfiguration
- Testing Sensitive Data Exposure
- Missing Function Level Access Control
- Cross Site Request Forgery
- Components with Vulnerabilities
- Unvalidated Redirects and Forwards
- Security Testing - Ajax Security
- Testing Security - Web Service
- Security Testing - Buffer Overflows
- Security Testing - Denial of Service
- Testing Malicious File Execution
- Security Testing - Automation Tools
- Security Testing Useful Resources
- Security Testing - Quick Guide
- Security Testing - Useful Resources
- Security Testing - Discussion
Security Testing - HTTP Status Codes
HTTP Status Codes
The Status-Code element in a server response, is a 3-digit integer where first digit of the Status-Code defines the class of response and the last two digits do not have any categorization role. There are five values for the first digit −
| S.No. | Code and Description |
|---|---|
| 1 | 1xx: Informational It means the request was received and it is in process. |
| 2 | 2xx: Success It means the action was successfully received, understood, and accepted. |
| 3 | 3xx: Redirection It implies further action must be taken in order to complete the request. |
| 4 | 4xx: Client Error It means the request contains incorrect syntax or cannot be fulfilled. |
| 5 | 5xx: Server Error It means the server failed to fulfill an apparently valid request. |
HTTP status codes are extensible and HTTP applications are not required to understand the meaning of all the registered status codes. The following list contains all the status codes −
1xx: Information
| S.No. | Message and Description |
|---|---|
| 1 | 100 Continue Only a part of the request is received by the server, but as long as it has not been rejected, the client should continue with the request. |
| 2 | 101 Switching Protocols The server switches protocol. |
2xx: Successful
| S.No. | Message and Description |
|---|---|
| 1 | 200 OK The request is OK. |
| 2 | 201 Created The request is complete, and a new resource is created. |
| 3 | 202 Accepted The request is accepted for processing, but the processing is not complete. |
| 4 | 203 Non-authoritative Information The information in the entity header is from a local or third-party copy, not from the original server. |
| 5 | 204 No Content A status code and header are given in the response, but there is no entity-body in the reply. |
| 6 | 205 Reset Content The browser should clear the form used for this transaction for additional input. |
| 7 | 206 Partial Content The server is returning partial data of the size requested. It is used in response to a request specifying aRange header. The server must specify the range included in the response with the Content-Range header. |
3xx: Redirection
| S.No. | Message and Description |
|---|---|
| 1 | 300 Multiple Choices A link list. The user can select a link and go to that location. Maximum five addresses are available. |
| 2 | 301 Moved Permanently The requested page has moved to a new URL. |
| 3 | 302 Found The requested page has moved temporarily to a new URL. |
| 4 | 303 See Other The requested page can be found under a different URL. |
| 5 | 304 Not Modified This is the response code to an If-Modified-Since or If-None-Match header, where the URL has not been modified since the specified date. |
| 6 | 305 Use Proxy The requested URL must be accessed through the proxy mentioned in the Location header. |
| 7 | 306 Unused This code was used in a previous version. It is no longer used, but the code is reserved |
| 8 | 307 Temporary Redirect The requested page has moved temporarily to a new URL. |
4xx: Client Error
| S.No. | Message and Description |
|---|---|
| 1 | 400 Bad Request The server did not understand the request. |
| 2 | 401 Unauthorized The requested page needs a username and a password. |
| 3 | 402 Payment Required You cannot use this code yet. |
| 4 | 403 Forbidden Access is forbidden to the requested page. |
| 5 | 404 Not Found The server cannot find the requested page. |
| 6 | 405 Method Not Allowed The method specified in the request is not allowed. |
| 7 | 406 Not Acceptable The server can only generate a response that is not accepted by the client. |
| 8 | 407 Proxy Authentication Required You must authenticate with a proxy server before this request can be served. |
| 9 | 408 Request Timeout The request took longer than the server was prepared to wait. |
| 10 | 409 Conflict The request could not be completed because of a conflict. |
| 11 | 410 Gone The requested page is no longer available. |
| 12 | 411 Length Required The "Content-Length" is not defined. The server will not accept the request without it. |
| 13 | 412 Precondition Failed The precondition given in the request evaluated is false by the server. |
| 14 | 413 Request Entity Too Large The server will not accept the request, because the request entity is too large. |
| 15 | 414 Request-url Too Long The server will not accept the request, because the URL is too long. It occurs when you convert a "post" request to a "get" request with a long query information. |
| 16 | 415 Unsupported Media Type The server will not accept the request, because the media type is not supported. |
| 17 | 416 Requested Range Not Satisfiable The requested byte range is not available and is out of bounds. |
| 18 | 417 Expectation Failed The expectation given in an Expect request-header field could not be met by this server. |
5xx: Server Error
| S.No. | Message and Description |
|---|---|
| 1 | 500 Internal Server Error The request was not completed. The server met an unexpected condition. |
| 2 | 501 Not Implemented The request was not completed. The server did not support the functionality required. |
| 3 | 502 Bad Gateway The request was not completed. The server received an invalid response from the upstream server. |
| 4 | 503 Service Unavailable The request was not completed. The server is temporarily overloading or down. |
| 5 | 504 Gateway Timeout The gateway has timed out. |
| 6 | 505 HTTP Version Not Supported The server does not support the "http protocol" version. |
To Continue Learning Please Login