HTTP response code cheat sheet
(From /r/Programmer humor)

Comprehensive HTTP Status Codes 😂

You see a web, I see:

CLIENT: TCP SYN
SERVER: TCP SYN ACK
CLIENT: HTTP Get
SERVER: HTTP Response
...
CLIENT: TCP FIN
SERVER: TCP FIN ACK

All I’m saying is that this spider has a clear understanding of Transfer Control Protocol.

How they teach http errors the easy way..

--- HTTP/3 is coming! And it won't use TCP! ---

A recent announcement reveals that HTTP - the protocol used by browsers to communicate with web servers - will get a major change in version 3!

Before, the HTTP protocols (version 1.0, 1.1 and 2.2) were all layered on top of TCP (Transmission Control Protocol).
TCP provides reliable, ordered, and error-checked delivery of data over an IP network.
It can handle hardware failures, timeouts, etc. and makes sure the data is received in the order it was transmitted in.
Also you can easily detect if any corruption during transmission has occurred.
All these features are necessary for a protocol such as HTTP, but TCP wasn't originally designed for HTTP!
It's a "one-size-fits-all" solution, suitable for *any* application that needs this kind of reliability.
TCP does a lot of round trips between the client and the server to make sure everybody receives their data. Especially if you're using SSL. This results in a high network latency.
So if we had a protocol which is basically designed for HTTP, it could help a lot at fixing all these problems.
This is the idea behind "QUIC", an experimental network protocol, originally created by Google, using UDP.

Now we all know how unreliable UDP is: You don't know if the data you sent was received nor does the receiver know if there is anything missing. Also, data is unordered, so if anything takes longer to send, it will most likely mix up with the other pieces of data. The only good part of UDP is its simplicity.
So why use this crappy thing for such an important protocol as HTTP?
Well, QUIC fixes all these problems UDP has, and provides the reliability of TCP but without introducing lots of round trips and a high latency! (How cool is that?)

The Internet Engineering Task Force (IETF) has been working (or is still working) on a standardized version of QUIC, although it's very different from Google's original proposal.
The IETF also wants to create a version of HTTP that uses QUIC, previously referred to as HTTP-over-QUIC. HTTP-over-QUIC isn't, however, HTTP/2 over QUIC.
It's a new, updated version of HTTP built for QUIC.

Now, the chairman of both the HTTP working group and the QUIC working group for IETF, Mark Nottingham, wanted to rename HTTP-over-QUIC to HTTP/3, and it seems like his proposal got accepted!
So version 3 of HTTP will have QUIC as an essential, integral feature, and we can expect that it no longer uses TCP as its network protocol.

We will see how it turns out in the end, but I'm sure we will have to wait a couple more years for HTTP/3, when it has been thoroughly tested and integrated.

Thank you for reading!

Found this gem on Neil Fraser's blog!

Found this in my girlfriends hometown today.

Wait, what??!

Me: We should change the http response code to anything but 200 OK in the error response case of our API.
Other dev: No, it's fine.
Me: Why?
Other dev: The client successfully receives an error message.
Me: ┻━┻ ︵ヽ(`Д´)ﾉ︵ ┻━┻

http 500 internal server error

Best HTTP 404 Not Found Error Ever !!

Explaining HTTP status codes when the pressure is too high.

Are you http? 'Cause you're insecure ://

HTTP stats

Can't ssh to my vps at work; hello new hobby project!
(server hosted on vps, http request -> shell -> http response)
Next up is supporting an interactive shell

HTTP return codes cheat sheet :
1** : Hold on
2** : Here you go
3** : Go away
4** : You fucked up
5** : I fucked up

Misunderstanding is like running ftp server on port 80!
Ftp responses for http request!
In real life it happens like this

Today a client asked us if we could remove http:// of his website url...

Junkies sniff cocaine.
Hackers sniff HTTP.

Back in these days

Had a job interview recently that went well besides one little disagreement... and it has made me question my sanity. Tell me if I'm wrong.

They asked the difference between a GET and POST request.

Wow, that's an easy one, they're giving me a break, I thought to myself.

I said "GET is used to retrieve data from a server, whereas POST is used to add data to a server, via it's body, which a GET lacks" or something like that.

They were like "ya mostly, but GET can be used to enter data into the server too. We were just looking for the body thing."

And I'm like.... yeah, you could do that, but that's not what it's meant for.

They mention stuff about query parameters and I hold steady that GET and POST are different because GET has a specific purpose. Otherwise, we wouldn't need the "method" part of an HTTP request at all. We could just either include a body or not include a body.

I ended it with "Well, POST implies that you are adding data to a server, and GET implies you are querying data from the server. When I'm reading documentation, that's how I quickly determine what an endpoint does."

My confidence was a little shaken at this point. Crazy what two people with (I assume at least) 10+ years of experience telling you you're wrong will do to your confidence.

HTTP 200 responses on failures… 😒

I consider myself a web developer for over 7 years.

Today, I learnt that http features a HEAD request.

Wut.

So lately I’ve been sending an http request with ajax instead of using classic form submit. Pdf and images need to be converted into byte64 string then send it to the backend, problem is if the size gets too big chrome crashes and showed me ‘Aw snap’, but it works on firefox. Thr file is size could be 3 to 100 mb (for pdf). So my question; is this my problem or just browser limitation?

Http 500 OK

Thank you HP!

HTTP Error 413: That’s what she said!

I POSTed a joke, I wonder why anyone didn't GET it! 🙄🤔

Front end guy: Somethings wrong with your server. My app is crashing.
* proceed to check logs. Everything fine
Me: Ok send me a log, a printscreen something. What calls do you make?
*send a printscreen with a failling 404 request
* You dense motherfucker learn your fucking http status. They are there for a reason😤

Senior colleagues insisting on ALWAYS returning HTTP status 200 and sticking any error codes in the contained JSON response instead of using 4×× or 5×× statuses.

Bad input? Failed connections? Missing authorization? Doesn't matter, you get an OK. Wanna know if the request actually succeeded? Fuck you, parse potential kilobytes of JSON to get to the error code!

Am I the asshole or is that defeating the purpose of a status code?!

I have an HTTP joke, if I POST it, you cannot GET it

A few days ago a friend of mine asked me to teach him to code. When I wanted to know which language he'd like to learn, he hesitantly replied "https".
Then I explained, this was a data transfer protocol. His next idea was "http". 🙄

Guess who will learn Python

Argh! What are HTTP status codes for if you're not using them in your API implementation?!

Fucking morons!

HTTP return codes....

Do NOT send a 200, when the response is NOT OK.

I mean .... really ? In the http protocol ?

Proposed http response codes.

(image taken from DefCon 21 talk by Chris John Riley)

Remember that time I taught a "senior" full stack developer what the HTTP PATCH verb was, DURING an interview?

Didn't get the job.

Yeah. Those were good times.

When I call another dev and he give me another dev's number and the second one give me another and that one gives another num. :
I feel like "ERR_TOO_MANY_REDIRECTS"

Look ma, HTTP/2!

And it's retarded!

0,1... 10

HTTP Error Code 420: "Enhance Your Calm"

Http response cheat codes....

About browsers and whole SSL CERT thing...

Most likely everyone here noticed, that https site with broken certificate will throw these big red warnings, in your face and there is so much wording like "ITS NOT SECUREEEE" or "ITS HACKEDDD" almost like it was written by passionate fanatic.

But when you are on plaintext http browsers reaction is like ¯\_(ツ)_/¯
Even if you have plaintext with password, it will for example in chromium put small little red thingy that almost no one notices.

I believe that broken cert with some error like invalid date is MORE secure than plaintext password, yet still there is this hypocracy with browsers...

I dont say that broken SSL cert is good, or something, Im just pointing out contrast of "broken" https vs plain http.... One looks for casual Joe like end of the world is coming and second is bearly noticable. Da fuck?

I disagree with this approach

Me: please return http code 202 in your http service.

My collegue: ok.

After one hour...

Me: you are returning 200, I told you 202. Let me see the code:

OMFG she was writing the string "202" in the response body!!!

I do not know how to escape from all of this shit.

“Fullstack dev morphs into a security expert”

We have a simple user registration system. Get the user details, generate an OTP, save in Oracle, email the OTP. The SMTP host is configured to send emails only to people who have an existing @a_very_famous_bank.com email address.

As a part of an enhancement request, the other day, we were trying to register a non-bank email address. As expected, it failed.

Manager: Meeting... meeting... meeting

Me: (Explained the problem)

Fullstack dev: so the thing is.. it’s like.. (doesn’t falter to open with these lines)...what I can do is...I can send you an HTTP security header in the HTTP request. It’ll work!

Me: (I hope an adult giraffe fucks you in your belly button)

More to come!

Right, I've been here before.
Our app requires an internet connection, and one of our clients wants to roll it out on a strictly managed network.
We told them which addresses our app communicates with and their network team opened them up for traffic. Should work, right?
Nope, doesn't work.

So I request them to use Fiddler to do some debugging of the network traffic, and lo and behold, it does work when Fiddler is active.
One important detail is that Fiddler uses it's own SSL certificate to debug HTTPS communications. I've had moments where expired certificates were the cause of things not working and running Fiddler "fixes" this because of their own certificate.

So I point this out in numerous mails to their network team, every time I get a response saying "nah, that can't be it".
I keep insisting "I have had this before, please check if any installed Root CA Certificates is expired"
At this point I'm certain they have updates turned off on these machines, and their certificates must not have been updated for a long time.

At one point they come back to me. "Hey, when Fiddler is off, WireShark shows the app communicating with ICMP calls, but when it's on it shows HTTP calls instead".

...YOU'RE THE SUPPOSED NETWORK EXPERTS?! You think data can be send via ICMP? Do you even know what ICMP is? Of course you'll see ICMP calls when the network is rejecting the packages instead of HTTP calls when everything's fine.
(ICMP is used to communicate errors)

I'm trying to keep my patience with these guys until they find exactly what's wrong because even I am somewhat grasping at straws right now. But things like this makes me doubt their expertise...

Soo.. yeah.. I've just build a fully functional http webserver with BASH :) Yippee!!

Proof in the comments

Every monday is like this..

hey boy r u http because ://

"200 Internal Server Error"

Yep, I did that. Because the lousy crapheads I work with were too lazy to handle any other HTTP status so anything else breaks the whole thing. And it's a pain to roll out another release of their part of the backend so "this isn't a priority". Also, they don't feel the need to check the JSON body of the response for the "status":"ok"/"fail" because what could ever go wrong, right? I effectively have no way of conveying to them that there was an error on this end of the API so they show success toast on the frontend irrespective of what really happened.

I am currently in a bit of a (well-deserved) lull at work, both of my projects are finishing up/ finished, so tomorrow should be pretty light, as the latter half of today was.

And I have really gotten interested in the HTTP protocol. It's so interesting learning how it all works under the hood.

So I think I'm going to be researching/ messing around with creating a cpp project that essentially implements cURL from the ground up, creating sockets, reading from them, parsing the HTTP requests... all that. I don't expect to actually get it done, but it should be an immense learning experience. I have a clear goal: implement this function:

std::string get(const std::string&);

Once I'm able to just GET as simple as that, I know I have achieved my goal!

Java dev here. I rewrote an app and replaced a system call to ssh with a modern jaxrs post for uploading a file and (new) some additional data.
I even used a stream.

1 hour in production, first client doesn't get his file. Log says OutOfMemoryError: heap.

Me: wtf? I already use streams.
Looking at the Jersey library. Docs say nothing. An issue from 2013 says: oh if you silly don't use the Apache httpclient addon, we disable chunking and buffer the whole body, because our tests fail with the jdk included http client otherwise.

Me: meh.

No warning in the logs. Thank you soooooo much! Who could have known?

Just went to book something online. About to click the "Pay" button and noticed the page wasn't secure. Who the hell, in 2017, captures credit card details via insecure 'http'??? And 'https' worked on the home page but not the payment page!! Backed out of that, messaged them and we'll see if anything comes of it.

So here I am reinventing the wheel making an HTTP server in C.
Finished implementing HTTP/1.1 and WebSockets support and now I find out the current thingy is HTTP/2.
Well that's fine, I'll add support for that later. In fact I kinda dig it since it uses binary conventions instead of plain text ones.
I dig a little bit and find out there already is an HTTP/3 going around which uses UDP.
Why me.

Get some

NO, YOU ABSOLUTE DISGUSTING GREMLIN OF A JS HTTP CLIENT, I DON'T WANT YOU TO "JsOn.StRiNgiFy" MY PAYLOAD OR DOING ANY WEIRD SHIT

I NEED TO SEND THIS THING EXACTLY AS IT'S WRITTEN, STOP TRYING TO GUESS WHAT I'M TRYING TO DO I'M A DEV WITH SOME 7 YEARS OF EXPERIENCE WRITING CODE, I'M SENDING A STRING CUZ I NEED TO SEND A STRING

Writing a Unit test to test the Unit test that's testing your application, because you can never be sure about anything.

http requests

literally the bread and butter of any software engineer building applications, you would ASSUME they know what they are doing...

and you're gonna write a seperate http get and post function for every type you have?

apparently stuff like this that is written by "senior" developers? you don't even have a basic understanding of software...

i'm won't do it that way, becuase i'm an adult, not a child

what i'm going to do is write a HTTP request util function that can be used for any type and HTTP verb. DRY, single responsibility, etc.

imagine making the http request itself a responsibility coupled to the type 😂😂😂😂

get a clue and come back later

i can't tell anymore if my thoughts are so outlandish compared to everyone else that no one understands them, or if i've been doing this so long that i just immediately understand what needs to be done and don't know how to explain it to anyone else anymore (or take the mental effort to)

peace out

oh P.S.: imagine thinking the SOLID principles are only applicable to OOP

stay safe out there folks, its getting more painful every day

"Full http monitor"

http response 418 - just made my day

I just found out there's a 418 HTTP status code that stands for "I'm a teapot", specified by RFC2324 which "describes HTCPCP, a protocol for controlling, monitoring, and diagnosing coffee pots". I know it's an april fools joke but I still find it hilarious that there is an RFC for that.

Didn't know HTTP/3.2 existed. Holy crap! :D

Why do people still use both curl or wget? There's httpie and it's awesome!

http PUT your-host.com header-name:value parameter=value

Profit!

And it formats the response for json without jq. It will just show binary for binary content and you download by adding the download flag.

Yet why is curl still the default!?

Not sure if already posted, but I found this one on my phone and wanted to share this with you 🤣

Hey guys, some of you might know this but for those who do not, there is an april fools HTTP error code which is 418, it's description is 'I\'m a teapot' #TheMoreYouKnow

(felt the need to escape sorry not sorry)

Just realized ebay is an http address. Looks like I won't be using them anymore...

JFrog Artifactory uses HTTP POST for updating and HTTP PUT for creating.

... I'm correct to be offended by this yes?

HTTP requests in Java... 💀

HTTP response code 418

I once wanted to participate in a free activity that requires signing up for a crappy website.
Unfortunately all spots for the activity I wanted were filled, so I gave it a few minutes and it turned out that the registration is done by sending an HTTP request to a domain with all of the details. So I changed the activity details and selected the hours I wanted and boom - "Thanks for signing up with our site, did you like it ?" Yes.😈

DevRant doesn't let you choose the protocol for your website. Seeing http:// on my profile makes me feel insecure.

Finally upgraded my webserver and php modules to support HTTP/2 ^^ Everything works fine.

Found out devrant.com doesn't support it though. @dfox

Fuck you apache server...
Why did your dumb ass developers decide it was a good idea to not support "expect 100 continue headers". I seriously suspect that the devs were high smoking dragon dildo ashes like they were getting ready to get a whole chair shoved up their asses.
I wasted alot of time thinking i was getting a 417 http code because i fucked up my API implementation... No, it was the dumb apache server that decided to give me the finger.

Also, whoever built the HttpClient for .net framework 4... Fuck you too for automatically adding that dumb header to PUT requests and not properly documenting this or allowing for it to be disabled in a non hacky way.

I appreciate and enjoy solving coding problems... I, however, can't stand dumb decisions like the two above.

Hotel WiFi uses http login page 😑😑😑

I would like to call out the moron who decided to control docker through HTTP when the maximum time the server can take to finish the task is longer than the HTTP timeout.
If you expect things might time out, you don't use a HTTP request. You use a resource and poll it, or Websockets, or possibly SSE.
Shoehorning your API into a frame that obviously doesn't fit doesn't help anyone. Just admit that you don't know what HTTP is and use a regular TCP socket with regular pings.

The website I'm working on went down because of a 500 HTTP error and halted my company of working

I should not code in production

PSA: If you do reverse proxying stuff, prefer unix domain sockets over localhost internet sockets, if it's on the same machine (and if it's forwarded over ssh too). You can even serve HTTP as a unix socket.

Unix domain sockets don't have the overhead of IP, so generally speaking, data will flow to your other process with much less overhead.

I've recently stopped being lazy at this, and it's worth it.

So I just spent 2 hours debugging a script that fetches data from an API. Thats all it was supposed to do. Http get some data.

It wasnt working and was giving a "parse error". Worked fine in browser.

So it turns out it was using http 0.9 (first documented http version, defined in 1991) and wasnt sending any headers. And js cant do no headers...

So yea I now have to write a tcp / http 0.9 client in js

Can we please normalise using JSON bodies for GET requests? Makes life way more easy to just have one uniform way to communicate with API's and having different parameter formats between GET and POST request. I mean, In my opinion it is not logical to do one request with query params and others with data in the request body

Whoo! I like the new Devrant theme for desktop! Great work guys!

When you are surfing on a website (a provider for mail-sending) and you suddenly get a HTTP 503.

I guess, I'll wait then.

Today I have created a server application on Python Tornado which can forward TCP Packets directly to HTTP request queue without any intermediate caching.

Our remote IOT devices (microcontrollers with sensors attached) send sensor reading over TCP Socket to our server and all the connected web applications can show the data instantly using long polling and the above mentioned technique.

Today I wasted hours trying to do a HTTP POST request by using a query string in the URL. After some hours I realised what I was doing wrong. I'm so stupid.

I built my first web server literally from scratch (standard socket lib) today! In Python <3.
It is able to execute php and get the stdout to use it in the Python script afterwards and make use of parallel connections.

Now to the real rant...
I am using HTTP/1.1. I want to use h2 (aka HTTP/2) tho. I am stuck on this. Found the papers to the specs of the h2 and spdy protocols, but they are not really helpful.

Is anyone good in this field? Please let me know :/

Imagine requesting something from a girl/boy you're interested in, and getting replies in Http codes...
What are the funniest?

402: Payment required
403: Forbidden

I need a framework that does http and websockets for C++. I have seen many that offer a crap load of stuff like widgets, Json, templates... I only need the protocols!

Do you guys have any experience in this?

Contrary to popular opinion, I still firmly stand by my belief that you should thoroughly study something in-depth before you attempt to do anything serious with it. Failure to do so will have an enormous cost of waste of time attached to it.

Here's an example:
I was using AJAX to post a multi-part request containing a file.
Now here was the problem: no matter what code I forced in the backend, the browser would in all cases refuse to prompt a SaveFileDialog (and I had turned on the option in the browser to ask the user if download). This took me two entire days and at least 100 Google queries and several RFCs to figure out.

From StackOverflow:
The cause was simply that you can't (typically) make a browser prompt a SaveFileDialog via an AJAX request, even if you set the necessary headers. Why? The browser will just dump everything back into the XmlHttpRequest object..

If you make a regular request with Content-Disposition: attachment; and so on, then it works, but yeah, not with an XmlHttpRequest.

Conclusion:
Had I better studied the HTTP spec, networking and AJAX in-depth, I would have instantly known what the cause was.

So, today a developer from a web app consuming our services requested to fix a 429 http error code (too many requests) they are seeing. The request is on an email with our managers cc'ed

I‘m currently writing a http proxy server (something like the proxy mod in Apache, but more special). One the one hand is is nice that HTTP 1.1 can use one TCP connection multiple times, but on the other hand it is very annoying. Because I need to rewrite the Host header. And therefore I need the start of the HTTP header. I solved it after some time, but now my code is more complicated than before.

Trying to upload an image, get http 500...