HTTP Status Codes

HTTP 400 Bad Request

400
MediumWeb ServerReference page

Bad Request — the server cannot process the request because it is malformed

A 400 Bad Request indicates that the server rejected the request because its syntax, framing, or structure was invalid. It belongs to the 4xx class, which points to a problem with the request sent by the client rather than a server-side failure. Many servers emit 400 before application code runs, especially when headers, body encoding, or URL formatting cannot be parsed into a valid request.

Visual summary

A quick reference view of how HTTP 400 works: A structurally broken or garbled data package being rejected by the server's outer filter.

HTTP 400 visual summary showing a structurally broken or garbled data package being rejected by the server's outer filter.
Visual summary: 400 means the client sent a malformed or syntactically incorrect request.

What 400 Means

The shortest useful reading of this status code.

Bad Request means the server cannot process the request because it is malformed.

This status falls into the 4xx class, indicating a client-side error outcome for the request.

Quick read

Bad Request

the server cannot process the request because it is malformed

Technical Context

How this status behaves without turning the page into a repair guide.

Standard usage

A 400 response is the generic HTTP signal that the server rejected the request before normal processing could continue. It usually points to invalid syntax, malformed framing, or input the server cannot parse into a valid request object.

Technical nuance

Many frameworks also use 400 for failed validation when no more specific status code is configured. That makes 400 broader than 422, which is usually reserved for payloads that are structurally valid but semantically unacceptable to the application.

Related HTTP Codes

Nearby HTTP status codes help clarify how 400 differs inside the same response family.

Common Causes

Malformed request syntax or invalid body encoding

A common condition that triggers a 400 response when the web server evaluates the transaction.

Missing required headers or incorrect Content-Length

A common condition that triggers a 400 response when the web server evaluates the transaction.

Corrupted query string or unsupported character encoding

A common condition that triggers a 400 response when the web server evaluates the transaction.

Request body does not match the declared format

A common condition that triggers a 400 response when the web server evaluates the transaction.

Typical Scenarios

01

A client sends malformed JSON with a content type that claims the body is valid JSON

02

A proxy forwards a request with a broken Content-Length header

03

A URL contains invalid characters that the server refuses to parse

What To Know

A 400 is usually tied to the specific request that triggered it rather than to the entire site. If many unrelated requests start returning 400 at once, the common cause is often a proxy, client library, or encoding issue instead of a missing page or application crash.

Frequently Asked Questions

Common interpretation questions about HTTP 400.

A 400 response usually points to malformed request syntax, invalid encoding, broken headers, or a request body the server cannot parse into a valid format.

It is a client-side request error in the HTTP model. The server is reachable and responding, but it is rejecting the specific request it received.

A 400 error usually means the server could not parse the request correctly at all. A 422 means the request format was valid, but the content still violated application rules or validation logic.