HTTP 400: Bad Request explained
If you surf the internet every day, there have probably been times where things haven’t gone exactly as planned. Occasionally your browser will display a status code instead of the desired website content. When the webserver and the client (i.e. the browser) are communicating with one another, they transfer status messages. It’s only when an error occurs that will you see a cryptic error message displayed by your web browser. The HTTP 400 code indicates that something went wrong with the client request. We explain exactly what the error message means and provide tips on how to solve the problem.
What does the 400 Bad Request error mean?
With status codes, the webserver reveals the status of the requeststo the client. If the server returns the message 200 (which you don’t normally see when surfing), it means that everything is fine. The request was successful and the desired content was transferred. It’s a different situation when the codes 400 and 500 are shown, since this indicates different types of errors.
All the 1xx codes are informational and all the 2xx codes are successful. Internet users generally see codes from 3xx and onwards: these mean that communication was successful, but that the client has to carry out an additional step. Most of these extra steps have to do with forwarding, which the browser does automatically, and which you only notice in a few cases.
This is quite different when it comes to error messages: while 5xx errors are related to the server, all 4xx codes relate to faulty requests from the client. The most well-known message is the 404 Not Found Error. The cause of the message is usually either an incorrectly written URL or deleted content.
It’s not so easy to answer the question ‘what’s gone wrong here?’ when you’re presented with a 400 error. It means that the request itself has somehow become defective. The internet protocol HTTP hasn’t been correctly adhered to (at least according to the webserver), which is why the request cannot be processed. The server has interpreted the request as faulty or even harmful. Therefore, it prevents the website from being properly displayed. The reasons for the error report are usually related to the browser used or a user error.
- Incorrect URL: Just like the 404 error, a bad request is generated if users enter the internet address incorrectly or, for example, insert special characters that aren’t allowed.
- Incorrect cookies: If the cookies in your browser are outdated or incorrect, this is another reason that an error 400 might occur.
- Outdated DNS records: Your DNS cache might contain data that links to incorrect IP addresses.
- Files too large: If you try to upload particularly large files, the server can refuse to accept them. The server classifies this as a ‘Bad Request’.
- Header too long: When communicating, the client and server use the header to define the request. Some webservers set an upper limit for the length of headers.
It’s not immediately obvious what the communication problem is when you’re presented with the error message ‘HTTP 400 Bad Request’. However, if the target webserver uses IIS 7.0, IIS 7.5, or IIS 8.0, more detailed information can be obtained from the status code:
- 400.1: Invalid Destination Header
- 400.2: Invalid Depth Header
- 400.3: Invalid If Header
- 400.4: Invalid Overwrite Header
- 400.5: Invalid Translate Header
- 400.6: Invalid Request Body
- 400.7: Invalid Content Length
- 400.8: Invalid Timeout
- 400.9: Invalid Lock Token
The 400 error doesn’t just come into play when surfing the internet. Other programs, such as e-mail clients can also receive this status code when communicating with a server.
How to fix the 400 Bad Request
When a status code displays an error message, it is sometimes enough to simply refresh the page. Especially if this is the first time the error has occurred on a website that you normally visit without problems, the problem is likely to be temporary. If refreshing the page doesn’t solve the problem, try deleting the browser cache. Maybe your web browser has saved a copy of the error message.
The next step for analyzing the problem should be the check the URL: If you entered the address manually into the browser, check to make sure you didn’t make a typo. If you clicked on a link, check the spelling in it, or go directly to the homepage, and find the right page from there.
The problem could also be due to outdated or incorrect cookies. To fix this, simply delete the corresponding record in your browser. When you visit the website again, the software creates a new cookie.
Cookies store information about website visits so the webserver knows you have visited the website in the past and what activities you undertook there. Cookie laws protect the privacy of internet users when using cookies.
Incorrect DNS entry
Another solution you can try is to delete your DNS cache. When you browse the internet, the domain names you enter are translated into IP addresses, which is how they connect to the World Wide Web. To do this, a name resolution must first be carried out with a nameserver. In order to shorten this process, your PC temporarily stores the collected data in the DNS cache. However, the next time the domain is entered into the browser, and the entry has not yet been automatically removed from the cache, the name resolution will take place directly from the cache. If this entry is corrupted or no longer up-to-date, the message ‘HTTP Bad Request’ appears.
To remove the incorrect entry, you must delete the complete DNS cache. This can be done by running the command prompt on Windows and entering this command to empty the cache:
For Mac systems, the command is dependent on which version of OS is being used. All commands are entered via the terminal:
- OS X 10.4 (Tiger): lookupd -flushcache
- OS X 10.5 (Leopard): dscacheutil -flushcache
- OS X 10.6 (Snow Leopard): dscacheutil – flushcache
- OS X 10.7 (Lion): sudo killall -HUP mDNSResponder
- OS X 10.8 (Mountain Lion): sudo killall -HUP mDNSResponder
- OS X 10.9 (Mavericks): dscacheutil -flushcashe; sudo killall -HUP mDNSResponder
- OS X 10.10 (Yosemite) (10.10.1 – 10.10.3): sudo discoverutil udnsflashcaches
- OS X 10.10 (Yosemite) (10.10.4+): sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
- OS X 10.11 (El Capitan): sudo killall -HUP mDNSResponder
- macOS 10.12 (Sierra): sudo killall -HUP mDNSResponder
Problems with HTTP header fields
As an Internet user: delete cookies and reset the browser
The HTTP 400 error occurs if the HTTP header is too long. In principle, headers don’t have a size limit, however, the target server may have set a limit. The header consists of several fields, in which requests and answers are defined. If both callers have matched the parameters, the requested data will be exchanged. If this doesn’t work, an error message will be displayed. Because this involves communication between the browser and the webserver, and 400 errors are usually caused by problems with the client, the browser is probably responsible for the error. The best way to test whether your default browser could be the cause of the problem: temporarily switch to another browser.
If the page can be accessed using your test browser, switch back to your original web browser. Delete all your cookies(if you haven’t already done so). For security reasons, it is best to delete them all instead of just one. Cookies are transferred in the header and this is how the webserver learns about your previous visit. If the browser ends up having to process too many requests, it could mean that the header will exceed the length limit.
If this solution doesn’t work, you could try reinstalling the browser completely or resetting it to its default settings. Depending on which browser you use, there are different ways to reset it. For Firefox, type in about:supportfor troubleshooting. Here, you will find plenty of information that will help you detect errors in the software. Even if you contact a support team, it’s still important to have this data. On this page, you will see a button that enables you to ‘clean up Firefox‘. When you click on it, it will delete extensions and some settings, but will keep your current settings.
In Internet Explorer, you can find the ‘Reset‘ button in the internet options under the ‘Advanced‘ tab or ‘Restore defaults‘ (under IE 6). The Microsoft browser lets you choose whether you want to delete your personal settings when resetting. Since Internet Explorer also counts cache and cookies as these types of settings, it is recommended to delete these too.
With Chrome, you will find the reset functions in the system settings. The browser keeps your personal data, like stored passwords and history, but returns everything else to its original state. Close the browser and restart it for the changes to take effect.
With Google Chrome, you can reset the browser to the default settings with a single click
REST API documentation
All the responses you can get when requesting via the API
There are several types of errors when requesting via the API.
Sending malformed data results in a 400 Bad Request response.
As JSON format is expected in all POST and PATCH requests, you will get this error response when your JSON body is malformed. For example, these are malformed JSON.
A comma is missing.
There are missing quotes for the code property.
Below is the good format. Just perfect. Don’t move a single comma. 😉
Trying to access to the API without authentication results in a 401 Unauthorized response.
The authorization header with the authentication token is missing.
Try Bearer instead of Basic as a keyword before your authentication token.
You are experiencing this kind of error and the examples given here did not help you?
Take a look at the authentication documentation. This might save your day!
Trying to perform an action without having the corresponding ACL results in a 403 Forbidden response.
You are experiencing this kind of error and you do not know how to solve it?
Take a look to the authorization documentation. This might save your day!
Trying to access to a non-existing resource results in a 404 Not Found response.
Trying to use a method on a route for which it is not implemented results in a 405 Method Not Allowed response.
Trying to give the Accept header a value different from application/json when getting data, results in a 406 Not Acceptable response.
Trying to give the Content-type header a value different from application/json when posting or patching data, results in a 415 Unsupported Media Type response.
Forgetting to give the Content-type header when posting or patching data, also results in a 415 Unsupported Media Type response.
Sending invalid data results in a 422 Unprocessable Entity response.
Sending unrecognized properties as well.
There are 3 types of client success when requesting via the API.
Getting a resource or a collection resources results in a 200 OK response.
Creating a resource results in a 201 Created response. In the Location header, you will find the route to access the newly created resource.
Updating or deleting a resource results in a 204 No Content response. In the Location header, you will find the route to access the updated resource.
Found a typo or a hole in the documentation and feel like contributing?
Join us on Github!
Review all global errors for the Mailchimp API so you can get back to work fast. Check out the Getting Started guide for more information on error handling.
Your request could not be processed.
This is a generic error.
The action requested was not valid for this resource.
This error is returned when you try to access an action that doesn’t exist. For example, /campaigns/
The resource submitted could not be validated.
For field-specific details, see field_warnings or field_errors objects. This error means that the object submitted to a POST or PATCH request failed to validate against JSON schema, and could relate to campaign, interest group, merge field, or any other available object.
We encountered an unspecified JSON parsing error.
This error means that your JSON was formatted incorrectly or was considered invalid or incomplete.
Your request did not include an API key.
This error suggests that your API key was missing from your request, or that something was formatted or named improperly in your header. Learn more about authentication for Mailchimp API 3.0.
Your API key may be invalid, or you’ve attempted to access the wrong data center.
Check that your API key was input correctly, and verify which data center to access. Learn more about authentication for Mailchimp API 3.0.
You are not permitted to access this resource.
This is a generic error.
This account has been disabled.
The Mailchimp account is deactivated. Contact our support team if you need more help.
The API key provided is linked to a different data center.
This error suggests that you tried to contact the wrong data center. It’s often associated with misconfigured libraries.
The requested resource could not be found.
This error tells you a specific resource doesn’t exist. It’s possible that the resource has been moved or deleted, or that there’s a typo in your request.
The requested method and resource are not compatible. See the Allow header for this resource’s available methods.
This error means that the requested resource does not support the HTTP method you used. Find out which methods are allowed for each resource in the API Reference.
The sub-resource requested is nested too deeply.
This uncommon error appears if you’ve tried to generate a URL with too many resources.
You can only use the X-HTTP-Method-Override header with the POST method.
This error lets you know you’ve tried to override an incompatible method. The Mailchimp API only permits method override with POST.
The fields requested from this resource are invalid.
This error suggests there is a typo in your field request or some other type of syntax error or problem that invalidates your request.
You have exceeded the limit of 10 simultaneous connections.
When you reach the connection limit, we’ll throttle server response. If any of your requests time out after you’ve reached the limit, those requests could still be considered open and continue to slow your connection. Contact the Mailchimp API support team at [email protected] if you think this is the case.
An unexpected internal error has occurred. Please contact Support for more information.
This error lets you know our servers have experienced a problem. Although this is rare, please contact [email protected] to let us know that you’ve encountered this error.
This method has been disabled.
You will see this error when your account is under compliance review.
В©2001-2019 All Rights Reserved. MailchimpВ® is a registered trademark of The Rocket Science Group.