π§ HTTP Methods & Status Codes β Cheatsheet
π Most Commonly Used HTTP Methods
GET
πΉ Has only headers
Retrieve a specific resource or collection of resources.
Should not affect data or resources.
β
Can be cached
β οΈ Avoid sending sensitive data
π Has length restrictions (canβt send large files)
POST
πΉ Has headers and body
Creates a new resource.
Each POST request should create a new resource with a unique ID.
π« Never cached.
PUT
πΉ Has headers and body
Updates a specific resource (by ID).
Replaces all current representations of the target resource with the uploaded content.
PATCH
πΉ Has headers and body
Updates partial resources.
DELETE
πΉ Has headers and body
Removes a specific resource by ID.
Removes all current representations of the target resource given by a URI.
𧩠Other HTTP Methods
HEAD
πΉ Has only headers
Same as GET but does not return a body β only headers and status line.
Used for obtaining meta-information about the entity.
OPTIONS
πΉ Has headers and body
Used to check supported HTTP methods (communication options) for the target resource.
CONNECT
Establishes a tunnel to the server identified by a given URI.
TRACE
Echoes the received request so a client can see what (if any) changes or additions have been made by intermediate servers.
β οΈ Security note: TRACE can enable malicious parties to steal cookies or credentials via XSS.
Disable TRACE requests in server configuration.
π§Ύ HTTP Status Codes
| Code | Meaning |
|---|---|
| 100 | Continue |
| 200 | OK |
| 201 | Created |
| 202 | Accepted |
| 204 | No Content |
| 302 | Found (URL redirection or use 303) |
| 400 | Bad Request |
| 401 | Unauthorized |
| 402 | Payment Required |
| 403 | Forbidden |
| 404 | Not Found |
| 408 | Request Timeout |
| 500 | Internal Server Error |
| 503 | Service Unavailable |
π HTTP Status Code Categories
| Category | Description |
|---|---|
| 1xx | Informational |
| 2xx | Success |
| 3xx | Redirection |
| 4xx | Client Error |
| 5xx | Server Error |
π« 418 β Iβm a teapot (1998 April Foolsβ joke)
You can also define custom error codes and descriptions.
π¨ Fields in HTTP Request Headers
Example of HTTP Message Headers
GET /hello.html HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE5.01; Windows NT)
Host: www.tutorialspoint.com
Accept-Encoding: gzip, deflate
Connection: Keep-AliveMeaning
- Line 1: Method, URI, and HTTP version (
GET /hello.html HTTP/1.1) - Line 2:
User-Agentβ Client browser info, where the request originates from - Line 3:
Hostβ Specifies the Internet host and port number of the resource - Line 4:
Accept-Encodingβ Restricts acceptable content-codings in the response - Line 5:
Connectionβ
Using"keep-alive"keeps the TCP connection open for subsequent requests,
improving performance and reducing CPU load via persistent connections