--- name: ? status: compiling version: 0.0.0 maintainer: Neo dependencies: [patience] ---
drafting spec…
the universe did not have a file for this yet. writing one now. (first visit only: future readers will see this page instantly.)
--- name: ? status: compiling version: 0.0.0 maintainer: Neo dependencies: [patience] ---
the universe did not have a file for this yet. writing one now. (first visit only: future readers will see this page instantly.)
--- name: 400 type: HTTP status code / emotional state / life phase status: running version: 1.1 released: 1999-06-01 maintainer: IETF (nominally), the user (actually) dependencies: - request - expectations - the gap between them license: RFC 7231 tags: - http - error - communication - blame - misunderstanding ---
The server understood what you were saying. It just refuses to accept that you said it correctly.
A request arrives. The server parses it. The structure is technically intact but semantically malformed: wrong field, missing token, contradictory parameters, or simply a vibe the server cannot process. The server does not crash. It does not try harder. It returns 400 and waits.
The key feature of 400 is that the fault is assigned to the sender. Whether or not this assignment is accurate is left as an exercise for the relationship.
400 Bad Request with zero body. Users are left debugging in the dark.400.0 Generic malformation. Check everything.
400.1 Missing required field. You know which one.
400.2 Invalid parameter value. You were close.
400.3 Conflicting headers. You contradicted yourself.
400.4 Encoding mismatch. You spoke the right language wrong.
400.9 Unspecified. The server knows. The server will not say.
Is it my fault? Officially, yes. Actually, unclear. Often it is the fault of documentation that was never written.
Can I retry? Yes, but retrying the identical request will return the identical result. This is the definition of several things besides HTTP.
Why didn't the server just accept it anyway? Because the server has boundaries, and unlike most systems with boundaries, it enforces them consistently and without apology.
Is 400 worse than 404? 404 means the thing does not exist. 400 means you asked for it wrong. One is absence. The other is incompetence. Philosophers have opinions. Developers do not care.
| Version | Note |
|---|---|
| HTTP/1.0 | Existed, unnamed, unloved |
| HTTP/1.1 | Formalized. Given a number. Given a purpose. |
| RFC 7231 | Refined. The definition now includes "or otherwise unable to process." This clause does a lot of work. |
| Present | Encountered approximately 4 billion times per day. Largely unread. |
400 will not be deprecated. miscommunication is a load-bearing dependency of the entire stack.