203 Non-Authoritative Information

HTTP response status code 203 Non-Authoritative Information is a HTTP status code that is returned by a proxy to indicate that the HTTP request was successful but the message body has been modified. Specifically, this indicates that the information contained within the message may be from an alternate source.

The message body is cacheable by default. If the default behavior needs to be overridden then the response must include the appropriate HTTP caching headers.

Table of Contents

Usage

When the 203 Non-Authoritative Information status code is received, it firstly indicates that the HTTP request was successful. However, the original status code is not available. For example, the client will not know whether the HTTP response status code is 200 OK, 201 Created, or otherwise.

Note

The use of 203 Non-Authoritative Information status code is sometimes not recommended for this reason. Alternatively, a Warning HTTP header with status code 214 Transformation Applied can be sent to indicate that a transformation has been applied, leaving the original status code in-tact.

Example

In the example, the client requests a resource through an intermediate proxy server. The hosting server has the resource stored as plain text. However, the proxy server transforms the resource to JSON format before forwarding it back to the client.

Request

GET /instructions HTTP/1.1
Host: www.example.re

Response

HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Content-Length: 250

<message body will follow in text format>

Response from proxy server to client

HTTP/1.1 203 Non-Authoritative Information
Content-Type: application/json
Content-Length: 265

{“response":"<message body will be embedded in this JSON object>"}

Alternate Approach

Instead of using the 203 Non-Authoritative Information status code in the example above, the proxy server can add the Warning HTTP header with 214 Transformation Applied status code, as follows:

HTTP/1.1 203 Non-Authoritative Information
HTTP/1.1 200 OK
Content-Type: application/json
Warning: 214 “Response converted to JSON format"
Content-Length: 265

{“response":"<message body will be embedded in this JSON object>"}

Notice that when using a Warning HTTP header in lieu of the 203 Non-Authoritative Information status code, the original status code is preserved and can be handled by the client accordingly.

Code references

.NET

HttpStatusCode.NonAuthoritativeInformation

Rust

http::StatusCode::NON_AUTHORITATIVE_INFORMATION

Rails

:non_authoritative_information

Go

http.StatusNonAuthoritativeInfo

Symfony

Response::HTTP_NON_AUTHORITATIVE_INFORMATION

Python3.5+

http.HTTPStatus.NON_AUTHORITATIVE_INFORMATION

Java

java.net.HttpURLConnection.HTTP_NOT_AUTHORITATIVE

Apache HttpComponents Core

org.apache.hc.core5.http.HttpStatus.SC_NON_AUTHORITATIVE_INFORMATION

Angular

@angular/common/http/HttpStatusCode.NonAuthoritativeInformation

Takeaway

HTTP response status code 203 Non-Authoritative Information indicates success but the HTTP response has been changed by an intermediate proxy server and the original status code is unrecoverable.

See also

Last updated: August 2, 2023