
PROPOSED STANDARD
Errata Exist
Internet Engineering Task Force (IETF)                  R. Fielding, Ed.
Request for Comments: 7231                                         Adobe
Obsoletes: 2616                                          J. Reschke, Ed.
Updates: 2817                                                 greenbytes
Category: Standards Track                                      June 2014
ISSN: 2070-1721


        Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content

Abstract

    The Hypertext Transfer Protocol (HTTP) is a stateless application-
    level protocol for distributed, collaborative, hypertext information
    systems.  This document defines the semantics of HTTP/1.1 messages,
    as expressed by request methods, request header fields, response
    status codes, and response header fields, along with the payload of
    messages (metadata and body content) and mechanisms for content
    negotiation.



RFC 7231             HTTP/1.1 Semantics and Content            June 2014


6.5.3.  403 Forbidden

    The 403 (Forbidden) status code indicates that the server understood
    the request but refuses to authorize it.  A server that wishes to
    make public why the request has been forbidden can describe that
    reason in the response payload (if any).

    If authentication credentials were provided in the request, the
    server considers them insufficient to grant access.  The client
    SHOULD NOT automatically repeat the request with the same
    credentials.  The client MAY repeat the request with new or different
    credentials.  However, a request might be forbidden for reasons
    unrelated to the credentials.

    An origin server that wishes to "hide" the current existence of a
    forbidden target resource MAY instead respond with a status code of
    404 (Not Found).
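
    The following is an added illustration, not part of RFC 7231: a
    server-side decision that can answer 403 or hide the resource behind
    a 404 identical to the one for a missing target, and a client that
    never repeats a forbidden request with credentials it already tried.
    The ACL table, paths, credential labels, and function names are
    hypothetical.

```python
from typing import Iterable, NamedTuple, Optional, Set

class Response(NamedTuple):
    status: int
    body: str

# Constructed sample data: target path -> principals authorized to read it.
ACL = {
    "/reports/q1": {"alice"},
    "/reports/q2": {"alice", "bob"},
}

# One shared object for every 404, so a hidden 403 cannot drift from it.
NOT_FOUND = Response(404, "Not Found")

def authorize(path: str, principal: str, hide_forbidden: bool = False,
              reason: Optional[str] = None) -> Response:
    """Server side: choose 200, 403 (optionally with a public reason), or 404."""
    allowed = ACL.get(path)
    if allowed is None:
        return NOT_FOUND
    if principal in allowed:
        return Response(200, f"contents of {path}")
    if hide_forbidden:
        # Status and payload match the missing case exactly; a 404 that
        # differed in body would still reveal that the target exists.
        return NOT_FOUND
    return Response(403, reason or "Forbidden")

def responses_differ(principal: str, existing: str, missing: str,
                     hide_forbidden: bool) -> bool:
    """Check: can this principal tell a forbidden target from a missing one?"""
    return (authorize(existing, principal, hide_forbidden)
            != authorize(missing, principal, hide_forbidden))

def next_credentials(status: int, tried: Set[str],
                     available: Iterable[str]) -> Optional[str]:
    """Client side: after a 403, return credentials not yet tried, else None."""
    if status != 403:
        return None  # this rule only governs what follows a 403
    for cred in available:
        if cred not in tried:
            return cred
    return None  # only already-refused credentials remain: stop, do not loop
```

    Hiding only holds if every observable part of the response matches
    the missing-resource case; headers and timing are outside what this
    sketch models.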




Fielding & Reschke           Standards Track                   [Page 59]