a status code (like
200) is a required part of every HTTP response. status codes are in 5 classes:
there are 41 and they're all defined in RFC 7231
I tested returning a
789 and Firefox didn't even complain.
It's probably better to stick to the regular defined status codes
a server can return a 404 for any reason it wants. Usually it's because either the file is missing, or you requested an endpoint that the server doesn't have any route for.
again, servers can return any status code they want. For example,
GitHub will return
404 Not Found for repositories that
exist but that you don't have permission to access. It does this
because it doesn't want to leak the information that the
repository actually does exist.
302, how does the browser know what URL to go to?
For example, many sites redirect all non-HTTPS requests to use HTTPS instead:
$ curl -I http://stripe.com HTTP/1.1 301 Moved Permanently Location: https://stripe.com/
302 Found redirect?
302 redirects aren't cached by default, so every time the browser goes to the URL it'll request it again.
301 Moved Permanently redirect?
this means that the second time a browser visits a site that's returned
a 301, it won't make a request to the original URL at all -- it'll just
load the redirect right away. This is why it's dangerous to set up a
301 if you're not 100% sure you want to keep the redirect
forever. You can also set the
Cache-Control header to only
cache the redirect for a limited amount of time.
304 Not Modified redirect to another URL?
304 Not Modified is a "redirect" to the browser's cache.
Servers can return this header when the client has asked the server
whether its cached version of a resource is up to date (with the
304 responses don't contain a response body, because the whole point is that the client already has the response cached.