HTTP status code

被一个问题耽搁了好久,最后才恍然。这是关于HTTP status的。

使用feign进行http请求,结果总是抛出异常: read 405.由于不了解feign具体原理,还总觉得是内部错误。虽然错误信息没有明确指出http返回异常,但看到405就应该敏感才对。这里就记录遇到的各种status。

1.405 Method Not Allowed

请求方式不允许。即服务端只允许比如get,而你使用post获取则返回405.

The method specified in the Request-Line is not allowed for the resource identified by the Request-URI. The response MUST include an Allow header containing a list of valid methods for the requested resource.

restful url的含义就是资源定位,所以请求的都是resource。通过get,post,delete,option等来确定对应的行为。当请求为request的时候,服务端会返回一个response。这个response的header会告诉你他允许的行为:

Allow →GET
Cache-Control →no-cache, no-store, max-age=0, must-revalidate
Content-Type →application/json;charset=UTF-8
Date →Wed, 03 Aug 2016 12:52:52 GMT
Expires →0
Pragma →no-cache
Strict-Transport-Security →max-age=31536000 ; includeSubDomains
Transfer-Encoding →chunked
X-Content-Type-Options →nosniff
X-Frame-Options →DENY
X-XSS-Protection →1; mode=block

比如服务端:

@RequestMapping(value = "/map.json", method = RequestMethod.GET)
    @ResponseBody
    public Map map(){
        Map map = new HashMap();
        map.put("name","Ryan");
        map.put("sex","man");
        map.put("age",18);
        List list = new ArrayList();
        list.add("red");
        list.add("black");
        list.add("blue");
        list.add("yellow");
        map.put("colors",list);
        return map;
    }

访问的request header为:

Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip, deflate, sdch
Accept-Language:zh-CN,zh;q=0.8
Authorization:Basic YWRtaW46dGVzdA==
Cache-Control:max-age=0
Connection:keep-alive
Host:localhost:8080
Upgrade-Insecure-Requests:1
User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36

访问的request主题general为:

Request URL:http://localhost:8080/hello/map.json
Request Method:GET
Status Code:200 
Remote Address:[::1]:8080

请求结果返回的response header为:

Cache-Control:no-cache, no-store, max-age=0, must-revalidate
Content-Type:application/json;charset=UTF-8
Date:Wed, 03 Aug 2016 13:08:38 GMT
Expires:0
Pragma:no-cache
Strict-Transport-Security:max-age=31536000 ; includeSubDomains
Transfer-Encoding:chunked
X-Content-Type-Options:nosniff
X-Frame-Options:DENY
X-XSS-Protection:1; mode=block

显然没看到允许的行为是否是get,因为已经访问成功了。如果请求的行为不允许才会返回 Allow method.


2.404 Not Found

新闻乐见。url访问的路径在服务端找不到的时候返回404.即服务端的所有路由中都不匹配你所请求的url。

The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.


3.401 Unauthorized (RFC 7235)

需要认证的接口,当header里authorization不匹配的时候就会返回401.

Similar to 403 Forbidden, but specifically for use when authentication is required and has failed or has not yet been provided. The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource. See Basic access authentication and Digest access authentication.[36] 401 semantically means "unauthenticated",[37] i.e. the user does not have the necessary credentials.Note: Some sites issue HTTP 401 when an IP address is banned from the website (usually the website domain) and that specific address is refused permission to access a website.

 使用postman访问不带header里的authorization结果:

{
  "timestamp": 1470322895922,
  "status": 401,
  "error": "Unauthorized",
  "message": "Full authentication is required to access this resource",
  "path": "/hello/map.json"
}

 4.400 Bad request

The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications.

 request不能被server识别,因为畸形(格式不符合要求)。如果request没有改变,则重复访问没有用,不应该重复访问。

from stackoverflow:

A 400 means that the request was malformed. In other words, the data stream sent by the client to the server didn't follow the rules. In the case of a REST API with a JSON payload, 400's are typically, and correctly I would say, used to indicate that the JSON is invalid in some way according to the API specification for the service.

 request不符合要求。


502 Bad Gateway

Introduction

A server (not necessarily a Web server) is acting as a gateway or proxy to fulfil the request by the client (e.g. your Web browser or our CheckUpDown robot) to access the requested URL. This server received an invalid response from an upstream server it accessed to fulfil the request.

This usually does not mean that the upstream server is down (no response to the gateway/proxy), but rather that the upstream server and the gateway/proxy do not agree on the protocol for exchanging data. Given that Internet protocols are quite clear, it often means that one or both machines have been incorrectly or incompletely programmed.

接收服务器响应失败。

Fixing 502 errors - general

This problem is due to poor IP communication between back-end computers, possibly including the Web server at the site you are trying to visit. Before analyzing this problem, you should clear your browser cache completely.

这个问题是由于后台计算机之间的IP交换,可能包括你访问web服务器。在分析问题之前,你需要完全清空你的浏览器缓存。

If you are surfing the Web and see this problem for all Web sites you try to visit, then either 1) your ISP has a major equipment failure/overload or 2) there is something wrong with your internal Internet connection e.g. your firewall is not functioning correctly. In the first case, only your ISP can help you. In the second case, you need to fix whatever it is that is preventing you reaching the Internet.

If you get this problem for only some of the Web sites you try to visit then it is likely to be a problem at those sites i.e. one of their pieces of equipment is failing/overloaded. Contact the people at those sites.

502 errors in the HTTP cycle

Any client (e.g. your Web browser or our CheckUpDown robot) goes through the following cycle when it communicates with the Web server:

  1. Obtain an IP address from the IP name of the site (the site URL without the leading 'http://'). This lookup (conversion of IP name to IP address) is provided by domain name servers (DNSs).从DNS中获取IP.
  2. Open an IP socket connection to that IP address. 打开一个socket链接。
  3. Write an HTTP data stream through that socket. 发送请求。
  4. Receive an HTTP data stream back from the Web server in response. This data stream contains status codes whose values are determined by the HTTP protocol. Parse this data stream for status codes and other useful information.收到请求。

This error occurs in the final step above when the client receives an HTTP status code that it recognizes as '502'.这个问题发生在最后一步,客户端接收到502.

http://m.2cto.com/net/201605/511672.html

https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

https://zh.wikipedia.org/wiki/HTTP%E7%8A%B6%E6%80%81%E7%A0%81

https://en.wikipedia.org/wiki/HTTP_303

http://www.checkupdown.com/status/E502.html

本文参与腾讯云自媒体分享计划,欢迎正在阅读的你也加入,一起分享。

发表于

我来说两句

0 条评论
登录 后参与评论

相关文章

来自专栏一场梦

Servlet HTTP 状态码大全列表

1233
来自专栏Albert陈凯

2018-09-28 Ok2Curl, 将OkHttp请求转换为curl日志

源代码名称:Ok2Curl* 源代码网址:http://www.github.com/mrmike/Ok2Curl* Ok2Curl源代码文档 Ok2Cu...

1995
来自专栏用户2442861的专栏

Session原理和Tomcat实现分析

这篇文章挖掘Session的原理和tomcat实现机制。     由于HTTP是无状态的协议,客户程序每次都去web页面,都打开到web服务器的单独的连接,并...

1952
来自专栏coder修行路

Django进阶之缓存和信号

一、缓存 简介 由于Django是动态网站,所有每次请求均会去数据进行相应的操作,当程序访问量大时,耗时必然会更加明显,最简单解决方式是使用:缓存,缓存将一个某...

1969
来自专栏Python研发

Django之Session

答:       Django 完全支持匿名 Session的。 Session 框架允许每一个用户保存并取回数据。它将数据保存在服务器端,并将发送和接收, C...

1913
来自专栏Ryan Miao

重定向Http status code 303 和 302

http 302 http 303 Http 302 302是一个普通的重定向代码。直观的看来是,请求者(浏览器或者模拟http请求)发起一个请求,然后服务端重...

4455
来自专栏V站

Servlet HTTP 状态码大全列表

状态行包括 HTTP 版本(在本例中为 HTTP/1.1)、一个状态码(在本例中为 200)和一个对应于状态码的短消息(在本例中为 OK)。

1502
来自专栏优启梦

Servlet HTTP 状态码大全列表

状态行包括 HTTP 版本(在本例中为 HTTP/1.1)、一个状态码(在本例中为 200)和一个对应于状态码的短消息(在本例中为 OK)。

3727
来自专栏有趣的django

29.Django session

session  1.概述 cookie和session的区别 Cookie是保存在用户浏览器端的键值对,Session是保存在服务器端的键值对;Cookie做...

3588
来自专栏大内老A

谈谈基于OAuth 2.0的第三方认证 [下篇]

从安全的角度来讲,《中篇》介绍的Implicit类型的Authorization Grant存在这样的两个问题:其一,授权服务器没有对客户端应用进行认证,因为获...

2008

扫码关注云+社区