Net
The network error codes.
Entries
An asynchronous IO operation is not yet complete. This usually does not indicate a fatal error.
An argument to the function is incorrect.
The handle or file descriptor is invalid.
The file or directory cannot be found.
The file is too large.
An unexpected error. This may be caused by a programming mistake or an invalid assumption.
Permission to access a resource, other than the network, was denied.
The operation failed because of unimplemented functionality.
There were not enough resources to complete the operation.
Memory allocation failed.
The file upload failed because the file's modification time was different from the expectation.
The socket is not connected.
The file already exists.
The path or file name is too long.
Not enough room left on the disk.
The file has a virus.
The client chose to block the request.
The network changed.
The request was blocked by the URL block list configured by the domain administrator.
The socket is already connected.
The upload failed because the upload stream needed to be re-read, due to a retry or a redirect, but the upload stream doesn't support that operation.
The request failed because the URLRequestContext is shutting down, or has been shut down.
The request failed because the response was delivered along with requirements which are not met (X-Frame-Options and Content-Security-Policy ancestor checks and Cross-Origin-Resource-Policy, for instance).
A connection was closed (corresponding to a TCP FIN).
A connection was reset (corresponding to a TCP RST).
A connection attempt was refused.
A connection timed out as a result of not receiving an ACK for data sent. This can include a FIN packet that did not get ACK'd.
A connection attempt failed.
The host name could not be resolved.
The Internet connection has been lost.
An SSL protocol error occurred.
The IP address or port number is invalid (e.g., cannot connect to the IP address 0 or the port 0).
The IP address is unreachable. This usually means that there is no route to the specified host or network.
The server requested a client certificate for SSL client authentication.
A tunnel connection through the proxy could not be established.
The client and server don't support a common SSL protocol version or cipher suite.
The server requested a renegotiation (rehandshake).
The proxy requested authentication (for tunnel establishment) with an unsupported method.
The SSL handshake failed because of a bad or missing client certificate.
A connection attempt timed out.
There are too many pending DNS resolves, so a request in the queue was aborted.
Failed establishing a connection to the SOCKS proxy server for a target host.
The SOCKS proxy server failed establishing connection to the target host because that host is unreachable.
The request to negotiate an alternate protocol failed.
The peer sent an SSL no_renegotiation alert message.
Winsock sometimes reports more data written than passed. This can be due to a broken LSP.
An SSL peer sent us a fatal decompression_failure alert. This typically occurs when a peer selects DEFLATE compression in the mistaken belief that it supports it.
An SSL peer sent us a fatal bad_record_mac alert. This has been observed from servers with buggy DEFLATE support.
The proxy requested authentication for tunnel establishment.
A failure to create a connection to the proxy server.
A mandatory proxy configuration could not be used. Currently, this means that a mandatory PAC script could not be fetched, parsed or executed.
The max socket limit for the socket pool has been hit while pre-connecting. The library doesn't bother trying to pre-connect more sockets.
The permission to use the SSL client certificate's private key was denied.
The SSL client certificate has no private key.
The certificate presented by the HTTPS Proxy was invalid.
An error occurred when trying to do a name resolution (DNS).
Permission to access the network was denied. This is used to distinguish errors that were most likely caused by a firewall from other access denied errors.
The request throttler module cancelled this request to avoid DDOS.
We were unable to sign the CertificateVerify data of an SSL client auth handshake with the client certificate's private key.
The message was too large for the transport. For example, a UDP message which exceeds size threshold.
Websocket protocol error. Indicates that we are terminating the connection due to a malformed frame or other protocol violation.
Returned when attempting to bind an address that is already in use.
The certificate didn't match the built-in public key pins for the host name.
Server request for client certificate did not contain any types we support.
An SSL peer sent us a fatal decrypt_error alert. This typically occurs when a peer could not correctly verify a signature (in CertificateVerify or ServerKeyExchange) or validate a Finished message.
There are too many pending WebSocketJob instances, so the new job was not pushed to the queue.
The SSL server certificate changed in a renegotiation.
The SSL server sent us a fatal unrecognized_name alert.
Failed to set the socket's receive buffer size as requested.
Failed to set the socket's send buffer size as requested.
Failed to set the socket's receive buffer size as requested, despite success return code from setsockopt.
Failed to set the socket's send buffer size as requested, despite success return code from setsockopt.
Failed to import a client certificate from the platform store into the SSL library.
Resolving a hostname to an IP address list included the IPv4 address 127.0.53.53. This is a special IP address which ICANN has recommended to indicate there was a name collision, and alert admins to a potential problem.
The SSL server presented a certificate which could not be decoded. This is not a certificate error code as no X509Certificate object is available. This error is fatal.
Certificate Transparency: Received a signed tree head that failed to parse.
Certificate Transparency: Received a signed tree head whose JSON parsing was OK but was missing some of the fields.
The attempt to reuse a connection to send proxy auth credentials failed before the AuthController was used to generate credentials. The caller should reuse the controller with a new connection. This error is only used internally by the network stack.
Certificate Transparency: Failed to parse the received consistency proof.
The SSL server required an unsupported cipher suite that has since been removed. This error will temporarily be signaled on a fallback for one or two releases immediately following a cipher suite's removal, after which the fallback will be removed.
When a WebSocket handshake is done successfully and the connection has been upgraded, the URLRequest is cancelled with this error code.
Socket ReadIfReady support is not implemented. This error should not be user visible, because the normal Read method is used as a fallback.
No socket buffer space is available.
There were no common signature algorithms between our client certificate private key and the server's preferences.
TLS 1.3 early data was rejected by the server. This will be received before any data is returned from the socket. The request should be retried with early data disabled.
TLS 1.3 early data was offered, but the server responded with TLS 1.2 or earlier. This is an internal error code to account for a backwards-compatibility issue with early data and TLS 1.2. It will be received before any data is returned from the socket. The request should be retried with early data disabled.
TLS 1.3 was enabled, but a lower version was negotiated and the server returned a value indicating it supported TLS 1.3. This is part of a security check in TLS 1.3, but it may also indicate the user is behind a buggy TLS-terminating proxy which implemented TLS 1.2 incorrectly.
The server's certificate has a keyUsage extension incompatible with the negotiated TLS key exchange method.
The server responded with a certificate whose common name did not match the host name. This could mean:
The server responded with a certificate that, by our clock, appears to either not yet be valid or to have expired. This could mean:
The server responded with a certificate that is signed by an authority we don't trust. This could mean:
The server responded with a certificate that contains errors. This error is not recoverable.
The certificate has no mechanism for determining if it is revoked. In effect, this certificate cannot be revoked.
Revocation information for the security certificate for this site is not available. This could mean:
The server responded with a certificate that has been revoked.
The server responded with a certificate that is invalid. This error is not recoverable.
The server responded with a certificate that is signed using a weak signature algorithm.
The host name specified in the certificate is not unique.
The server responded with a certificate that contains a weak key (e.g. a too-small RSA key).
The certificate claimed DNS names that are in violation of name constraints.
The certificate's validity period is too long.
Certificate Transparency was required for this connection, but the server did not provide CT information that complied with the policy.
The URL is invalid.
The scheme of the URL is disallowed.
The scheme of the URL is unknown.
Attempting to load a URL resulted in a redirect to an invalid URL.
Attempting to load a URL resulted in too many redirects.
Attempting to load a URL resulted in an unsafe redirect (e.g., a redirect to file:// is considered unsafe).
Attempting to load a URL with an unsafe port number. These are port numbers that correspond to services, which are not robust to spurious input that may be constructed as a result of an allowed web construct (e.g., HTTP looks a lot like SMTP, so form submission to port 25 is denied).
The server's response was invalid.
Error in chunked transfer encoding.
The server did not support the request method.
The response was 407 (Proxy Authentication Required), yet we did not send the request to a proxy.
The server closed the connection without sending any data.
The headers section of the response is too large.
The evaluation of the PAC script failed.
The response was 416 (Requested range not satisfiable) and the server cannot satisfy the range requested.
The identity used for authentication is invalid.
Content decoding of the response body failed.
An operation could not be completed because all network IO is suspended.
There are no supported proxies in the provided list.
There is an HTTP/2 protocol error.
Credentials could not be established during HTTP Authentication.
An HTTP Authentication scheme was tried which is not supported on this machine.
Detecting the encoding of the response failed.
No Kerberos credentials were available during HTTP Authentication.
An unexpected, but documented, SSPI or GSSAPI status code was returned.
The environment was not set up correctly for authentication (for example, no KDC could be found or the principal is unknown).
An undocumented SSPI or GSSAPI status code was returned.
The HTTP response was too big to drain.
The HTTP response contained multiple distinct Content-Length headers.
HTTP/2 headers have been received, but not all of them — status or version headers are missing, so we're expecting additional frames to complete them.
No PAC URL configuration could be retrieved from DHCP. This can indicate either a failure to retrieve the DHCP configuration, or that there was no PAC URL configured in DHCP.
The HTTP response contained multiple Content-Disposition headers.
The HTTP response contained multiple Location headers.
HTTP/2 server refused the request without processing, and sent either a GOAWAY frame with error code NO_ERROR and Last-Stream-ID lower than the stream id corresponding to the request indicating that this request has not been processed yet, or a RST_STREAM frame with error code REFUSED_STREAM.
HTTP/2 server didn't respond to the PING message.
The HTTP response body transferred fewer bytes than were advertised by the Content-Length header when the connection is closed.
The HTTP response body is transferred with Chunked-Encoding, but the terminating zero-length chunk was never sent when the connection is closed.
There is a QUIC protocol error.
The HTTP headers were truncated by an EOF.
The QUIC crypto handshake failed. This means that the server was unable to read any requests sent, so they may be resent.
Transport security is inadequate for the HTTP/2 version.
The peer violated HTTP/2 flow control.
The peer sent an improperly sized HTTP/2 frame.
Decoding or encoding of compressed HTTP/2 headers failed.
Proxy authentication requested without a valid client socket handle.
HTTP_1_1_REQUIRED error code received on HTTP/2 session.
HTTP_1_1_REQUIRED error code received on HTTP/2 session to proxy.
The PAC script terminated fatally and must be reloaded.
The server was expected to return an HTTP/1.x response, but did not. Rather than treat it as HTTP/0.9, this error is returned.
Initializing content decoding failed.
Received HTTP/2 RST_STREAM frame with NO_ERROR error code. This error should be handled internally by HTTP/2 code, and should not make it above the SpdyStream layer.
An HTTP transaction was retried too many times due for authentication or invalid certificates. This may be due to a bug in the net stack that would otherwise infinite loop, or if the server or proxy continually requests fresh credentials or presents a fresh invalid certificate.
Received an HTTP/2 frame on a closed stream.
The server returned a non-2xx HTTP response code.
The certificate presented on a QUIC connection does not chain to a known root and the origin connected to is not on a list of domains where unknown roots are allowed.
The cache does not have the requested entry.
Unable to read from the disk cache.
Unable to write to the disk cache.
The operation is not supported for this entry.
The disk cache is unable to open this entry.
The disk cache is unable to create this entry.
Multiple transactions are racing to create disk cache entries. This is an internal error returned from the HttpCache to the HttpCacheTransaction that tells the transaction to restart the entry-creation logic because the state of the cache has changed.
The cache was unable to read a checksum record on an entry. This can be returned from attempts to read from the cache. It is an internal error, returned by the SimpleCache backend, but not by any URLRequest methods or members.
The cache found an entry with an invalid checksum. This can be returned from attempts to read from the cache. It is an internal error, returned by the SimpleCache backend, but not by any URLRequest methods or members.
Internal error code for the HTTP cache. The cache lock timeout has fired.
Received a challenge after the transaction has read some data, and the credentials aren't available. There isn't a way to get them at that point.
Internal not-quite error code for the HTTP cache. In-memory hints suggest that the cache entry would not have been usable with the transaction's current configuration, e.g. load flags, mode, etc.
The disk cache is unable to doom this entry.
The disk cache is unable to open or create this entry.
The server's response was insecure, e.g. there was a cert error.
An attempt to import a client certificate failed, as the user's key database lacked a corresponding private key.
An error adding a certificate to the OS certificate database.
An error occurred while handling a signed exchange.
An error occurred while handling a Web Bundle source.
A Trust Tokens protocol operation-executing request failed for one of a number of reasons (precondition failure, internal error, bad response).
When handling a Trust Tokens protocol operation-executing request, the system found that the request's desired Trust Tokens results were already present in a local cache; as a result, the main request was cancelled.
PKCS #12 import failed due to incorrect password.
PKCS #12 import failed due to other error.
CA import failed - not a CA cert.
Import failed, a certificate already exists in database.
CA import failed due to some other error.
Server certificate import failed due to some internal error.
PKCS #12 import failed due to invalid MAC.
PKCS #12 import failed due to invalid/corrupt file.
PKCS #12 import failed due to unsupported features.
Key generation failed.
Failure to export private key.
Self-signed certificate generation failed.
The certificate database changed in some way.
DNS resolver received a malformed response.
DNS server requires TCP.
DNS server failed. This error is returned for all the following error conditions:
DNS transaction timed out.
The entry was not found in cache or other local sources, for lookups where only local sources were queried.
Suffix search list rules prevent resolution of the given host name.
Failed to sort addresses according to RFC3484.