HTTP status code

被一个问题耽搁了好久，最后才恍然。这是关于HTTP status的。

使用feign进行http请求，结果总是抛出异常: read 405.由于不了解feign具体原理，还总觉得是内部错误。虽然错误信息没有明确指出http返回异常，但看到405就应该敏感才对。这里就记录遇到的各种status。

1.405 Method Not Allowed

请求方式不允许。即服务端只允许比如get，而你使用post获取则返回405.

The method specified in the Request-Line is not allowed for the resource identified by the Request-URI. The response MUST include an Allow header containing a list of valid methods for the requested resource.

restful url的含义就是资源定位，所以请求的都是resource。通过get,post,delete,option等来确定对应的行为。当请求为request的时候，服务端会返回一个response。这个response的header会告诉你他允许的行为：

Allow →GET
Cache-Control →no-cache, no-store, max-age=0, must-revalidate
Content-Type →application/json;charset=UTF-8
Date →Wed, 03 Aug 2016 12:52:52 GMT
Expires →0
Pragma →no-cache
Strict-Transport-Security →max-age=31536000 ; includeSubDomains
Transfer-Encoding →chunked
X-Content-Type-Options →nosniff
X-Frame-Options →DENY
X-XSS-Protection →1; mode=block

比如服务端：

@RequestMapping(value = "/map.json", method = RequestMethod.GET)
    @ResponseBody
    public Map map(){
        Map map = new HashMap();
        map.put("name","Ryan");
        map.put("sex","man");
        map.put("age",18);
        List list = new ArrayList();
        list.add("red");
        list.add("black");
        list.add("blue");
        list.add("yellow");
        map.put("colors",list);
        return map;
    }

访问的request header为：

Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip, deflate, sdch
Accept-Language:zh-CN,zh;q=0.8
Authorization:Basic YWRtaW46dGVzdA==
Cache-Control:max-age=0
Connection:keep-alive
Host:localhost:8080
Upgrade-Insecure-Requests:1
User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36

访问的request主题general为：

Request URL:http://localhost:8080/hello/map.json
Request Method:GET
Status Code:200 
Remote Address:[::1]:8080

请求结果返回的response header为：

Cache-Control:no-cache, no-store, max-age=0, must-revalidate
Content-Type:application/json;charset=UTF-8
Date:Wed, 03 Aug 2016 13:08:38 GMT
Expires:0
Pragma:no-cache
Strict-Transport-Security:max-age=31536000 ; includeSubDomains
Transfer-Encoding:chunked
X-Content-Type-Options:nosniff
X-Frame-Options:DENY
X-XSS-Protection:1; mode=block

显然没看到允许的行为是否是get，因为已经访问成功了。如果请求的行为不允许才会返回 Allow method.

2.404 Not Found

新闻乐见。url访问的路径在服务端找不到的时候返回404.即服务端的所有路由中都不匹配你所请求的url。

The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.

3.401 Unauthorized (RFC 7235)

需要认证的接口，当header里authorization不匹配的时候就会返回401.

Similar to 403 Forbidden, but specifically for use when authentication is required and has failed or has not yet been provided. The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource. See Basic access authentication and Digest access authentication.[36] 401 semantically means "unauthenticated",[37] i.e. the user does not have the necessary credentials.Note: Some sites issue HTTP 401 when an IP address is banned from the website (usually the website domain) and that specific address is refused permission to access a website.

 使用postman访问不带header里的authorization结果：

{
  "timestamp": 1470322895922,
  "status": 401,
  "error": "Unauthorized",
  "message": "Full authentication is required to access this resource",
  "path": "/hello/map.json"
}

 4.400 Bad request

The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications.

 request不能被server识别，因为畸形（格式不符合要求）。如果request没有改变，则重复访问没有用，不应该重复访问。

from stackoverflow:

A 400 means that the request was malformed. In other words, the data stream sent by the client to the server didn't follow the rules. In the case of a REST API with a JSON payload, 400's are typically, and correctly I would say, used to indicate that the JSON is invalid in some way according to the API specification for the service.

 request不符合要求。

502 Bad Gateway

Introduction

A server (not necessarily a Web server) is acting as a gateway or proxy to fulfil the request by the client (e.g. your Web browser or our CheckUpDown robot) to access the requested URL. This server received an invalid response from an upstream server it accessed to fulfil the request.

This usually does not mean that the upstream server is down (no response to the gateway/proxy), but rather that the upstream server and the gateway/proxy do not agree on the protocol for exchanging data. Given that Internet protocols are quite clear, it often means that one or both machines have been incorrectly or incompletely programmed.

接收服务器响应失败。

Fixing 502 errors - general

This problem is due to poor IP communication between back-end computers, possibly including the Web server at the site you are trying to visit. Before analyzing this problem, you should clear your browser cache completely.

这个问题是由于后台计算机之间的IP交换，可能包括你访问web服务器。在分析问题之前，你需要完全清空你的浏览器缓存。

If you are surfing the Web and see this problem for all Web sites you try to visit, then either 1) your ISP has a major equipment failure/overload or 2) there is something wrong with your internal Internet connection e.g. your firewall is not functioning correctly. In the first case, only your ISP can help you. In the second case, you need to fix whatever it is that is preventing you reaching the Internet.

If you get this problem for only some of the Web sites you try to visit then it is likely to be a problem at those sites i.e. one of their pieces of equipment is failing/overloaded. Contact the people at those sites.

502 errors in the HTTP cycle

Any client (e.g. your Web browser or our CheckUpDown robot) goes through the following cycle when it communicates with the Web server:

1. Obtain an IP address from the IP name of the site (the site URL without the leading 'http://'). This lookup (conversion of IP name to IP address) is provided by domain name servers (DNSs).从DNS中获取IP.
2. Open an IP socket connection to that IP address. 打开一个socket链接。
3. Write an HTTP data stream through that socket. 发送请求。
4. Receive an HTTP data stream back from the Web server in response. This data stream contains status codes whose values are determined by the HTTP protocol. Parse this data stream for status codes and other useful information.收到请求。

This error occurs in the final step above when the client receives an HTTP status code that it recognizes as '502'.这个问题发生在最后一步，客户端接收到502.

http://m.2cto.com/net/201605/511672.html

https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

https://zh.wikipedia.org/wiki/HTTP%E7%8A%B6%E6%80%81%E7%A0%81

https://en.wikipedia.org/wiki/HTTP_303

http://www.checkupdown.com/status/E502.html