- Security Testing - Home
- Security Testing - Overview
- Security Testing - Process
- Security Testing - Malicious Software
- HTTP Protocol Basics
- HTTPS Protocol Basics
- Encoding and Decoding
- Security Testing - Cryptography
- Security Testing - Same Origin Policy
- Security Testing - Cookies
- Hacking Web Applications
- Security Testing - Injection
- Testing Broken Authentication
- Testing Cross Site Scripting
- Insecure Direct Object Reference
- Testing Security Misconfiguration
- Testing Sensitive Data Exposure
- Missing Function Level Access Control
- Cross Site Request Forgery
- Components with Vulnerabilities
- Unvalidated Redirects and Forwards
- Security Testing - Ajax Security
- Testing Security - Web Service
- Security Testing - Buffer Overflows
- Security Testing - Denial of Service
- Testing Malicious File Execution
- Security Testing - Automation Tools
Security Testing - HTTP Status Codes
HTTP Status Codes
The Status-Code element in a server response, is a 3-digit integer where first digit of the Status-Code defines the class of response and the last two digits do not have any categorization role. There are five values for the first digit −
| S.No. | Code and Description |
|---|---|
| 1 |
1xx: Informational It means the request was received and it is in process. |
| 2 |
2xx: Success It means the action was successfully received, understood, and accepted. |
| 3 |
3xx: Redirection It implies further action must be taken in order to complete the request. |
| 4 |
4xx: Client Error It means the request contains incorrect syntax or cannot be fulfilled. |
| 5 |
5xx: Server Error It means the server failed to fulfill an apparently valid request. |
HTTP status codes are extensible and HTTP applications are not required to understand the meaning of all the registered status codes. The following list contains all the status codes −
1xx: Information
| S.No. | Message and Description |
|---|---|
| 1 |
100 Continue Only a part of the request is received by the server, but as long as it has not been rejected, the client should continue with the request. |
| 2 |
101 Switching Protocols The server switches protocol. |
2xx: Successful
| S.No. | Message and Description |
|---|---|
| 1 |
200 OK The request is OK. |
| 2 |
201 Created The request is complete, and a new resource is created. |
| 3 |
202 Accepted The request is accepted for processing, but the processing is not complete. |
| 4 |
203 Non-authoritative Information The information in the entity header is from a local or third-party copy, not from the original server. |
| 5 |
204 No Content A status code and header are given in the response, but there is no entity-body in the reply. |
| 6 |
205 Reset Content The browser should clear the form used for this transaction for additional input. |
| 7 |
206 Partial Content The server is returning partial data of the size requested. It is used in response to a request specifying aRange header. The server must specify the range included in the response with the Content-Range header. |
3xx: Redirection
| S.No. | Message and Description |
|---|---|
| 1 |
300 Multiple Choices A link list. The user can select a link and go to that location. Maximum five addresses are available. |
| 2 |
301 Moved Permanently The requested page has moved to a new URL. |
| 3 |
302 Found The requested page has moved temporarily to a new URL. |
| 4 |
303 See Other The requested page can be found under a different URL. |
| 5 |
304 Not Modified This is the response code to an If-Modified-Since or If-None-Match header, where the URL has not been modified since the specified date. |
| 6 |
305 Use Proxy The requested URL must be accessed through the proxy mentioned in the Location header. |
| 7 |
306 Unused This code was used in a previous version. It is no longer used, but the code is reserved |
| 8 |
307 Temporary Redirect The requested page has moved temporarily to a new URL. |
4xx: Client Error
| S.No. | Message and Description |
|---|---|
| 1 |
400 Bad Request The server did not understand the request. |
| 2 |
401 Unauthorized The requested page needs a username and a password. |
| 3 |
402 Payment Required You cannot use this code yet. |
| 4 |
403 Forbidden Access is forbidden to the requested page. |
| 5 |
404 Not Found The server cannot find the requested page. |
| 6 |
405 Method Not Allowed The method specified in the request is not allowed. |
| 7 |
406 Not Acceptable The server can only generate a response that is not accepted by the client. |
| 8 |
407 Proxy Authentication Required You must authenticate with a proxy server before this request can be served. |
| 9 |
408 Request Timeout The request took longer than the server was prepared to wait. |
| 10 |
409 Conflict The request could not be completed because of a conflict. |
| 11 |
410 Gone The requested page is no longer available. |
| 12 |
411 Length Required The "Content-Length" is not defined. The server will not accept the request without it. |
| 13 |
412 Precondition Failed The precondition given in the request evaluated is false by the server. |
| 14 |
413 Request Entity Too Large The server will not accept the request, because the request entity is too large. |
| 15 |
414 Request-url Too Long The server will not accept the request, because the URL is too long. It occurs when you convert a "post" request to a "get" request with a long query information. |
| 16 |
415 Unsupported Media Type The server will not accept the request, because the media type is not supported. |
| 17 |
416 Requested Range Not Satisfiable The requested byte range is not available and is out of bounds. |
| 18 |
417 Expectation Failed The expectation given in an Expect request-header field could not be met by this server. |
5xx: Server Error
| S.No. | Message and Description |
|---|---|
| 1 |
500 Internal Server Error The request was not completed. The server met an unexpected condition. |
| 2 |
501 Not Implemented The request was not completed. The server did not support the functionality required. |
| 3 |
502 Bad Gateway The request was not completed. The server received an invalid response from the upstream server. |
| 4 |
503 Service Unavailable The request was not completed. The server is temporarily overloading or down. |
| 5 |
504 Gateway Timeout The gateway has timed out. |
| 6 |
505 HTTP Version Not Supported The server does not support the "http protocol" version. |