• Skip to main content
  • Skip to search
  • Skip to select language
MDN Web Docs
  • 参考手册
    • 概述 / Web 技术

      适用于开发者的 Web 技术参考手册

    • HTML

      Web 内容的结构

    • CSS

      用于描述文档样式的代码

    • JavaScript

      通用脚本语言

  • 开发指南
    • 概述 / MDN 学习区

      学习 Web 开发

    • MDN 学习区

      学习 Web 开发

    • HTML

      学习使用 HTML 构建 Web 内容

    • CSS

      学习使用 CSS 设置内容样式

    • JavaScript

      学习在浏览器中运行脚本

  • 更多中文网
  1. 面向开发者的 Web 技术
  2. HTTP
  3. HTTP response status codes
  4. 428 Precondition Required

目录

  • Status
  • Specifications
  • See also
  1. HTTP
  2. Guides
  3. Resources and URIs
    1. Identifying resources on the Web
    2. Data URLs
    3. Introduction to MIME types
    4. Common MIME types
    5. Choosing between www and non-www URLs
  4. HTTP guide
    1. Basics of HTTP
    2. Overview of HTTP
    3. Evolution of HTTP
    4. HTTP Messages
    5. A typical HTTP session
    6. Connection management in HTTP/1.x
    7. Protocol upgrade mechanism
  5. HTTP security
    1. Content Security Policy (CSP)
    2. HTTP Strict Transport Security (HSTS)
    3. X-Content-Type-Options
    4. X-Frame-Options
    5. X-XSS-Protection
    6. Practical security implementation guides
    7. HTTP Observatory
  6. HTTP access control (CORS)
  7. HTTP authentication
  8. HTTP caching
  9. HTTP compression
  10. HTTP conditional requests
  11. HTTP content negotiation
  12. HTTP cookies
  13. HTTP range requests
  14. HTTP redirects
  15. HTTP specifications
  16. Permissions Policy
  17. References
  18. HTTP headers
    1. Accept
    2. Accept-CH
    3. Accept-Charset
    4. Accept-Encoding
    5. Accept-Language
    6. Accept-Patch
    7. Accept-Post
    8. Accept-Ranges
    9. Access-Control-Allow-Credentials
    10. Access-Control-Allow-Headers
    11. Access-Control-Allow-Methods
    12. Access-Control-Allow-Origin
    13. Access-Control-Expose-Headers
    14. Access-Control-Max-Age
    15. Access-Control-Request-Headers
    16. Access-Control-Request-Method
    17. Age
    18. Allow
    19. Alt-Svc
    20. Alt-Used
    21. Attribution-Reporting-Eligible Experimental
    22. Attribution-Reporting-Register-Source Experimental
    23. Attribution-Reporting-Register-Trigger Experimental
    24. Authorization
    25. Cache-Control
    26. Clear-Site-Data
    27. Connection
    28. Content-Digest Experimental
    29. Content-Disposition
    30. Content-DPR Non-standard Deprecated
    31. Content-Encoding
    32. Content-Language
    33. Content-Length
    34. Content-Location
    35. Content-Range
    36. Content-Security-Policy
    37. Content-Security-Policy-Report-Only
    38. Content-Type
    39. Cookie
    40. Critical-CH Experimental
    41. Cross-Origin-Embedder-Policy
    42. Cross-Origin-Opener-Policy
    43. Cross-Origin-Resource-Policy
    44. Date
    45. Device-Memory
    46. Digest Non-standard Deprecated
    47. DNT Non-standard Deprecated
    48. Downlink Experimental
    49. DPR Non-standard Deprecated
    50. Early-Data Experimental
    51. ECT Experimental
    52. ETag
    53. Expect
    54. Expect-CT
    55. Expires
    56. Forwarded
    57. From
    58. Host
    59. If-Match
    60. If-Modified-Since
    61. If-None-Match
    62. If-Range
    63. If-Unmodified-Since
    64. Keep-Alive
    65. Last-Modified
    66. Link
    67. Location
    68. Max-Forwards
    69. NEL Experimental
    70. No-Vary-Search Experimental
    71. Observe-Browsing-Topics Experimental Non-standard
    72. Origin
    73. Origin-Agent-Cluster Experimental
    74. Permissions-Policy
    75. Pragma Deprecated
    76. Priority
    77. Proxy-Authenticate
    78. Proxy-Authorization
    79. Range
    80. Referer
    81. Referrer-Policy
    82. Reporting-Endpoints
    83. Repr-Digest Experimental
    84. Retry-After
    85. RTT Experimental
    86. Save-Data Experimental
    87. Sec-Browsing-Topics Experimental Non-standard
    88. Sec-CH-Prefers-Color-Scheme Experimental
    89. Sec-CH-Prefers-Reduced-Motion Experimental
    90. Sec-CH-Prefers-Reduced-Transparency Experimental
    91. Sec-CH-UA Experimental
    92. Sec-CH-UA-Arch Experimental
    93. Sec-CH-UA-Bitness Experimental
    94. Sec-CH-UA-Full-Version Deprecated
    95. Sec-CH-UA-Full-Version-List Experimental
    96. Sec-CH-UA-Mobile Experimental
    97. Sec-CH-UA-Model Experimental
    98. Sec-CH-UA-Platform Experimental
    99. Sec-CH-UA-Platform-Version Experimental
    100. Sec-Fetch-Dest
    101. Sec-Fetch-Mode
    102. Sec-Fetch-Site
    103. Sec-Fetch-User
    104. Sec-GPC Experimental Non-standard
    105. Sec-Purpose
    106. Sec-WebSocket-Accept
    107. Server
    108. Server-Timing
    109. Service-Worker-Navigation-Preload
    110. Set-Cookie
    111. Set-Login Experimental
    112. SourceMap
    113. Speculation-Rules Experimental
    114. Strict-Transport-Security
    115. Supports-Loading-Mode Experimental
    116. TE
    117. Timing-Allow-Origin
    118. Tk Non-standard Deprecated
    119. Trailer
    120. Transfer-Encoding
    121. Upgrade
    122. Upgrade-Insecure-Requests
    123. User-Agent
    124. Vary
    125. Via
    126. Viewport-Width Non-standard Deprecated
    127. Want-Content-Digest Experimental
    128. Want-Digest Non-standard Deprecated
    129. Want-Repr-Digest Experimental
    130. Warning Deprecated
    131. Width Non-standard Deprecated
    132. WWW-Authenticate
    133. X-Content-Type-Options
    134. X-DNS-Prefetch-Control Non-standard
    135. X-Forwarded-For Non-standard
    136. X-Forwarded-Host Non-standard
    137. X-Forwarded-Proto Non-standard
    138. X-Frame-Options
    139. X-XSS-Protection Non-standard
  19. HTTP request methods
    1. CONNECT
    2. DELETE
    3. GET
    4. HEAD
    5. OPTIONS
    6. PATCH
    7. POST
    8. PUT
    9. TRACE
  20. HTTP response status codes
    1. 100 Continue
    2. 101 Switching Protocols
    3. 102 Processing
    4. 103 Early Hints
    5. 200 OK
    6. 201 Created
    7. 202 Accepted
    8. 203 Non-Authoritative Information
    9. 204 No Content
    10. 205 Reset Content
    11. 206 Partial Content
    12. 207 Multi-Status
    13. 208 Already Reported
    14. 226 IM Used
    15. 300 Multiple Choices
    16. 301 Moved Permanently
    17. 302 Found
    18. 303 See Other
    19. 304 Not Modified
    20. 307 Temporary Redirect
    21. 308 Permanent Redirect
    22. 400 Bad Request
    23. 401 Unauthorized
    24. 402 Payment Required
    25. 403 Forbidden
    26. 404 Not Found
    27. 405 Method Not Allowed
    28. 406 Not Acceptable
    29. 407 Proxy Authentication Required
    30. 408 Request Timeout
    31. 409 Conflict
    32. 410 Gone
    33. 411 Length Required
    34. 412 Precondition Failed
    35. 413 Content Too Large
    36. 414 URI Too Long
    37. 415 Unsupported Media Type
    38. 416 Range Not Satisfiable
    39. 417 Expectation Failed
    40. 418 I'm a teapot
    41. 421 Misdirected Request
    42. 422 Unprocessable Content
    43. 423 Locked
    44. 424 Failed Dependency
    45. 425 Too Early
    46. 426 Upgrade Required
    47. 428 Precondition Required
    48. 429 Too Many Requests
    49. 431 Request Header Fields Too Large
    50. 451 Unavailable For Legal Reasons
    51. 500 Internal Server Error
    52. 501 Not Implemented
    53. 502 Bad Gateway
    54. 503 Service Unavailable
    55. 504 Gateway Timeout
    56. 505 HTTP Version Not Supported
    57. 506 Variant Also Negotiates
    58. 507 Insufficient Storage
    59. 508 Loop Detected
    60. 510 Not Extended
    61. 511 Network Authentication Required
  21. CSP directives
    1. CSP source values
    2. CSP: base-uri
    3. CSP: block-all-mixed-content Deprecated
    4. CSP: child-src
    5. CSP: connect-src
    6. CSP: default-src
    7. CSP: fenced-frame-src Experimental
    8. CSP: font-src
    9. CSP: form-action
    10. CSP: frame-ancestors
    11. CSP: frame-src
    12. CSP: img-src
    13. CSP: manifest-src
    14. CSP: media-src
    15. CSP: object-src
    16. CSP: prefetch-src Non-standard Deprecated
    17. CSP: report-to
    18. CSP: report-uri Deprecated
    19. CSP: require-trusted-types-for Experimental
    20. CSP: sandbox
    21. CSP: script-src
    22. CSP: script-src-attr
    23. CSP: script-src-elem
    24. CSP: style-src
    25. CSP: style-src-attr
    26. CSP: style-src-elem
    27. CSP: trusted-types Experimental
    28. CSP: upgrade-insecure-requests
    29. CSP: worker-src
  22. CORS errors
    1. Reason: CORS disabled
    2. Reason: CORS header 'Access-Control-Allow-Origin' does not match 'xyz'
    3. Reason: CORS header 'Access-Control-Allow-Origin' missing
    4. Reason: CORS header 'Origin' cannot be added
    5. Reason: CORS preflight channel did not succeed
    6. Reason: CORS request did not succeed
    7. Reason: CORS request external redirect not allowed
    8. Reason: CORS request not HTTP
    9. Reason: Credential is not supported if the CORS header 'Access-Control-Allow-Origin' is '*'
    10. Reason: Did not find method in CORS header 'Access-Control-Allow-Methods'
    11. Reason: expected 'true' in CORS header 'Access-Control-Allow-Credentials'
    12. Reason: invalid token 'xyz' in CORS header 'Access-Control-Allow-Headers'
    13. Reason: invalid token 'xyz' in CORS header 'Access-Control-Allow-Methods'
    14. Reason: missing token 'xyz' in CORS header 'Access-Control-Allow-Headers' from CORS preflight channel
    15. Reason: Multiple CORS header 'Access-Control-Allow-Origin' not allowed
  23. Permissions-Policy directives
    1. Permissions-Policy: accelerometer Experimental
    2. Permissions-Policy: ambient-light-sensor Experimental
    3. Permissions-Policy: attribution-reporting Experimental
    4. Permissions-Policy: autoplay Experimental
    5. Permissions-Policy: battery Experimental
    6. Permissions-Policy: bluetooth Experimental
    7. Permissions-Policy: browsing-topics Experimental Non-standard
    8. Permissions-Policy: camera
    9. Permissions-Policy: compute-pressure Experimental
    10. Permissions-Policy: display-capture
    11. Permissions-Policy: document-domain Experimental
    12. Permissions-Policy: encrypted-media Experimental
    13. Permissions-Policy: fullscreen
    14. Permissions-Policy: gamepad Experimental
    15. Permissions-Policy: geolocation
    16. Permissions-Policy: gyroscope Experimental
    17. Permissions-Policy: hid Experimental
    18. Permissions-Policy: identity-credentials-get Experimental
    19. Permissions-Policy: idle-detection Experimental
    20. Permissions-Policy: local-fonts Experimental
    21. Permissions-Policy: magnetometer Experimental
    22. Permissions-Policy: microphone
    23. Permissions-Policy: midi Experimental
    24. Permissions-Policy: otp-credentials Experimental
    25. Permissions-Policy: payment Experimental
    26. Permissions-Policy: picture-in-picture Experimental
    27. Permissions-Policy: publickey-credentials-create Experimental
    28. Permissions-Policy: publickey-credentials-get
    29. Permissions-Policy: screen-wake-lock
    30. Permissions-Policy: serial Experimental
    31. Permissions-Policy: speaker-selection Experimental
    32. Permissions-Policy: storage-access Experimental
    33. Permissions-Policy: usb Experimental
    34. Permissions-Policy: web-share
    35. Permissions-Policy: window-management Experimental
    36. Permissions-Policy: xr-spatial-tracking Experimental

目录

  • Status
  • Specifications
  • See also

428 Precondition Required

The HTTP 428 Precondition Required response status code indicates that the server requires the request to be conditional.

Typically, this means that a required precondition header, such as If-Match, is missing.

When a precondition header is not matching the server side state, the response should be 412 Precondition Failed.

Status

http
428 Precondition Required

Specifications

Specification
RFC 6585
# section-3

See also

  • HTTP conditional requests
  • If-Match
  • 412
MDN Web 中文网 - 粤ICP备13048890号