HTTP status response code is a common and very useful term in performance testing. Any performance testing tool primarily validates HTTP Status Response Code to mark a request as pass or fail. Many times you have seen HTTP 500/404/403 as a response code while playing back the script and that leads you to debug the script. Such type of issues may occur due to no or wrong correlation, wrong test data, server issues etc.
To deep down a little more, HTTP (Hypertext Transfer Protocol) is the method by which clients and servers communicate. When someone browses a URL, clicks a link on a webpage or submits a web form then the browser sends a request to a server to get the related response. That web request sent by a server is called an HTTP Request. When a server receives that request, it sends back an HTTP Response, with information for the client.
Basically, HTTP messages have three main parts:
- Request Type: There are 7 types of the request method
- GET: Requests data from a specified resource
- POST: Submits data to be processed to a specified resource
- HEAD: Same as GET but returns only HTTP headers and no document body
- PUT: Uploads a representation of the specified URI
- DELETE: Deletes the specified resource
- OPTIONS: Returns the HTTP methods that the server supports
- CONNECT: Converts the request connection to a transparent TCP/IP tunnel
- TRACE: To trace an entity containing the request message as received by the end server
- Header: It contains information, like Browser, OS, Accept and Cookie info.
- Body: This is the message body and could be optional
How does a performance testing tool work with HTTP?
When you record an HTTP script in a performance tool like LoadRunner, Apache JMeter then the tool captures all of the communication between the browser and the server. The captured info becomes part of the script, which is then played back. When you run the script, it interacts with the web application just like a real user. Here, one point you need to note down “The performance testing tools never work as a browser, they just simulate the real user activity”
What are the types of HTTP status codes?
HTTP status codes are categorised into five classes which are:
1. Informational: HTTP 1XX:
It indicates a provisional response, consisting only of the Status-Line.
- 100 (Continue): To inform the client that the initial part of the request has been received the client can continue by sending the remainder of the request.
- 101 (Switching Protocols): The server understands and is willing to comply with the client’s request, via the Upgrade message header field.
Note: The response containing informational class HTTP code is considered as passed in Performance Testing.
2. Successful: HTTP 2XX
It indicates that the request has been processed successfully
- 200 (OK): The request has been processed successfully.
- 201 (Created): The request was fulfilled and a new URI was created.
- 202 (Accepted): The request has been accepted for processing, but the processing has not been completed.
- 203 (Non-Authoritative Information): The returned metainformation in the entity header is not the definitive set as available from the origin server, but is gathered from a local or a third-party copy.
- 204 (No Content): The request has been received but no info to send back. The 204 response must not include a message body and thus is always terminated by the first empty line after the header fields.
- 205 (Reset Content): The server has fulfilled the request and the user agent should reset the document view which caused the request to be sent.
- 206 (Partial Content): The server has fulfilled the partial GET request for the resource.
Note: The response containing successful class HTTP code is considered as passed in Performance Testing.
3. Redirection: HTTP 3XX
It indicates that your request has not been completed and needs further action.
- 300 (Multiple Choices): Redirection
- 301 (Moved Permanently): The data requested has a new location and the change is permanent
- 302 (Found): The data requested has a different URL temporarily
- 303 (See Other): The response to the request can be found under a different URI and SHOULD be retrieved using a GET method on that resource.
- 304 (Not Modified): The document has not been modified as expected
- 305 (Use Proxy): The requested resource must be accessed through the proxy.
- 306 (Unused): The code is reserved for future
- 307 (Temporary Redirect): The requested resource resides temporarily under a different URI.
Note: The response containing redirection class HTTP code is considered as passed in Performance Testing; provided that redirection has been fulfiled the request and the correct response has been sent to the client (end users)
4. Client Error: HTTP 4XX
It indicates that the client makes an invalid request or is not authorised to access data.
- 400 (Bad Request): The request could not be understood by the server due to malformed syntax.
- 401 (Unauthorized): The client is not authorized to access data
- 402 (Payment Required): This code is reserved for future use
- 403 (Forbidden): Access is not required even with authorization
- 404 (Not Found): The server could not find the given resource
- 405 (Method Not Allowed): The method specified in the Request-Line is not allowed for the resource identified by the Request-URI
- 406 (Not Acceptable): The resource identified is only capable of generating response entities which have content characteristics not acceptable according to the accepted headers sent in the request.
- 407 (Proxy Authentication Required): This code is similar to 401 (Unauthorized), but indicates that the client must first authenticate itself with the proxy.
- 408 (Request Timeout): The client did not produce a request within the time that the server was prepared to wait.
- 409 (Conflict): The request could not be completed due to a conflict with the current state of the resource.
- 410 (Gone): The requested resource is no longer available on the server.
- 411 (Length Required): The server refuses to accept the request without a defined Content-Length.
- 412 (Precondition Failed): The precondition given in one or more of the request-header fields was evaluated to be false when it was tested on the server.
- 413 (Request Entity Too Large): The server is refusing to process a request because the requesting entity is larger than the server is willing or able to process.
- 414 (Request-URI Too Long): The server is refusing to service the request because the Request-URI is longer than the server is willing to interpret.
- 415 (Unsupported Media Type): The format is not supported by the requested resource for the requested method.
- 416 (Requested Range Not Satisfiable): If a request included a Range request-header field and none of the range-specifier values in this field overlap the current extent of the selected resource.
- 417 (Expectation Failed): The expectation given in an Expect request-header field could not be met by this server.
Note: The response containing the Client Error HTTP code is considered as failed in Performance Testing and required investigation in the script. The reason for such errors could be the wrong URL, wrong value of header or body field, authentication issue etc.
5. Server Error: HTTP 5XX
All errors that fall under this category indicate a server-side issue.
- 500 (Internal Server Error): The server could not fulfil the request because of an unexpected condition.
- 501 (Not Implemented): The server does not support the functionality required to fulfil the request.
- 502 (Bad Gateway): The server, while acting as a gateway or proxy, received an invalid response from the upstream server.
- 503 (Service Unavailable): The server is currently unable to handle the request due to a temporary overloading or maintenance of the server.
- 504 (Gateway Timeout): The server, while acting as a gateway or proxy, did not receive a timely response.
- 505 (HTTP Version Not Supported): The server does not support, or refuses to support, the HTTP protocol version
Note: The response containing Server Error HTTP code is considered as failed in Performance Testing and required investigation in the script as well as server-side.
How to resolve HTTP 400 Bad Request error?
Re-check the request URL. The most common reason for a 400 Bad Request error is because the URL was typed wrong or the link that was clicked on points to a malformed URL with a specific kind of mistake in it, like a syntax problem. The wrong value in the header field may also cause 400/Bad Request.
How to resolve HTTP 500 internal server error?
Many times script was recorded successfully but failed during replay with HTTP 500 internal server error. Although this error comes under the server error category, it may be occurred due to a wrong correlation. Hence again check the script and capture all the dynamic values correctly.