a status code (like 200) is a required part of every HTTP response. status codes are in 5 classes:
there are 41 and they're all defined in RFC 7231
789?
I tested returning a 789 and Firefox didn't even complain.
It's probably better to stick to the regular defined status codes
though :)
a server can return a 404 for any reason it wants. Usually it's because either the file is missing, or you requested an endpoint that the server doesn't have any route for.
403 Forbidden?
again, servers can return any status code they want. For example,
GitHub will return 404 Not Found for repositories that
exist but that you don't have permission to access. It does this
because it doesn't want to leak the information that the
repository actually does exist.
301 or 302, how does the browser know what URL to go to?
Location header!
For example, many sites redirect all non-HTTPS requests to use HTTPS instead:
$ curl -I http://stripe.com
HTTP/1.1 301 Moved Permanently
Location: https://stripe.com/
302 Found redirect?
302 redirects aren't cached by default, so every time the browser goes to the URL it'll request it again.
301 Moved Permanently redirect?
this means that the second time a browser visits a site that's returned
a 301, it won't make a request to the original URL at all -- it'll just
load the redirect right away. This is why it's dangerous to set up a
301 if you're not 100% sure you want to keep the redirect
forever. You can also set the Cache-Control header to only
cache the redirect for a limited amount of time.
304 Not Modified redirect to another URL?
304 Not Modified is a "redirect" to the browser's cache.
Servers can return this header when the client has asked the server
whether its cached version of a resource is up to date (with the
If-None-Match or If-Modified-Since header).
304 responses don't contain a response body, because the whole point is that the client already has the response cached.