405 Method Not Allowed

HTTP response status code 405 Method Not Allowed is a client error that is returned by the server to indicate that the resource specified by the request exists but the requested HTTP method is not allowed. For example, an HTTP method DELETE request is not allowed for a read-only resource.

The response is cacheable by default. If the default behavior needs to be overridden then the response must include the appropriate HTTP caching headers.

Table of Contents

Usage

When the 405 Method Not Allowed error message is received, the client will understand that the resource exists but the specified request is not allowed. As part of the response, the server will send an Allow header to inform the client as to which operations are currently supported.

Note

Search engines like Google will not index a URL with 405 Method Not Allowed response status, and consequently, URLs that have been indexed in the past but are now returning this HTTP status code will be removed from the search results.

Example

In the example, the client requests a resource and the server responds with the 405 Method Not Allowed status because the client is trying to use an HTTP method DELETE on a read-only resource. When parsing the response, the client learns that only HTTP methods GET, HEAD, and OPTIONS operations are allowed.

Request==

DELETE /policies.pdf HTTP/1.1
Host: www.example.re

Response

HTTP/1.1 405 Method Not Allowed
Allow: GET, HEAD, OPTIONS
Content-Type: text/html
Content-Length: 157

<html>
  <head>
    <title>Operation Not Permitted</title>
  </head>
  <body>
    <p>This resource is read-only and cannot be deleted.</p>
  </body>
</html>

Code references

.NET

HttpStatusCode.MethodNotAllowed

Rust

http::StatusCode::METHOD_NOT_ALLOWED

Rails

:method_not_allowed

Go

http.StatusMethodNotAllowed

Symfony

Response::HTTP_METHOD_NOT_ALLOWED

Python3.5+

http.HTTPStatus.METHOD_NOT_ALLOWED

Java

java.net.HttpURLConnection.HTTP_BAD_METHOD

Apache HttpComponents Core

org.apache.hc.core5.http.HttpStatus.SC_METHOD_NOT_ALLOWED

Angular

@angular/common/http/HttpStatusCode.MethodNotAllowed

Takeaway

The 405 Method Not Allowed status code indicates that the resource exists but the specified operation is not allowed. A list of acceptable HTTP methods are returned to the client.

See also

Last updated: August 2, 2023