HTTP status code

被一个问题耽搁了好久，最后才恍然。这是关于HTTP status的。

使用feign进行http请求，结果总是抛出异常: read 405.由于不了解feign具体原理，还总觉得是内部错误。虽然错误信息没有明确指出http返回异常，但看到405就应该敏感才对。这里就记录遇到的各种status。

 

1.405 Method Not Allowed

请求方式不允许。即服务端只允许比如get，而你使用post获取则返回405.

The method specified in the Request-Line is not allowed for the resource identified by the Request-URI. The response MUST include an Allow header containing a list of valid methods for the requested resource.

restful url的含义就是资源定位，所以请求的都是resource。通过get,post,delete,option等来确定对应的行为。当请求为request的时候，服务端会返回一个response。这个response的header会告诉你他允许的行为：

Allow →GETCache-Control →no-cache, no-store, max-age=0, must-revalidateContent-Type →application/json;charset=UTF-8Date →Wed, 03 Aug 2016 12:52:52 GMTExpires →0Pragma →no-cacheStrict-Transport-Security →max-age=31536000 ; includeSubDomainsTransfer-Encoding →chunkedX-Content-Type-Options →nosniffX-Frame-Options →DENYX-XSS-Protection →1; mode=block

比如服务端：

@RequestMapping(value = "/map.json", method = RequestMethod.GET)    @ResponseBody    public Map map(){        Map map = new HashMap();        map.put("name","Ryan");        map.put("sex","man");        map.put("age",18);        List list = new ArrayList();        list.add("red");        list.add("black");        list.add("blue");        list.add("yellow");        map.put("colors",list);        return map;    }

View Code

访问的request header为：

Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Accept-Encoding:gzip, deflate, sdchAccept-Language:zh-CN,zh;q=0.8Authorization:Basic YWRtaW46dGVzdA==Cache-Control:max-age=0Connection:keep-aliveHost:localhost:8080Upgrade-Insecure-Requests:1User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36

访问的request主题general为：

Request URL:http://localhost:8080/hello/map.jsonRequest Method:GETStatus Code:200 Remote Address:[::1]:8080

请求结果返回的response header为：

Cache-Control:no-cache, no-store, max-age=0, must-revalidateContent-Type:application/json;charset=UTF-8Date:Wed, 03 Aug 2016 13:08:38 GMTExpires:0Pragma:no-cacheStrict-Transport-Security:max-age=31536000 ; includeSubDomainsTransfer-Encoding:chunkedX-Content-Type-Options:nosniffX-Frame-Options:DENYX-XSS-Protection:1; mode=block

显然没看到允许的行为是否是get，因为已经访问成功了。如果请求的行为不允许才会返回 Allow method.

 

2.404 Not Found

新闻乐见。url访问的路径在服务端找不到的时候返回404.即服务端的所有路由中都不匹配你所请求的url。

The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.

 

3.401 Unauthorized (RFC 7235)

需要认证的接口，当header里authorization不匹配的时候就会返回401.

Similar to 403 Forbidden, but specifically for use when authentication is required and has failed or has not yet been provided. The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource. See Basic access authentication and Digest access authentication.^[36] 401 semantically means "unauthenticated",^[37] i.e. the user does not have the necessary credentials.Note: Some sites issue HTTP 401 when an IP address is banned from the website (usually the website domain) and that specific address is refused permission to access a website.

 使用postman访问不带header里的authorization结果：

{  "timestamp": 1470322895922,  "status": 401,  "error": "Unauthorized",  "message": "Full authentication is required to access this resource",  "path": "/hello/map.json"}

 

 4.400 Bad request

The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications.

 request不能被server识别，因为畸形（格式不符合要求）。如果request没有改变，则重复访问没有用，不应该重复访问。

from stackoverflow:

A 400 means that the request was malformed. In other words, the data stream sent by the client to the server didn't follow the rules.

In the case of a REST API with a JSON payload, 400's are typically, and correctly I would say, used to indicate that the JSON is invalid in some way according to the API specification for the service.

 request不符合要求。

 

 

4.

 

http://m.2cto.com/net/201605/511672.html

https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

https://zh.wikipedia.org/wiki/HTTP%E7%8A%B6%E6%80%81%E7%A0%81

https://en.wikipedia.org/wiki/HTTP_303