Become a fan of Slashdot on Facebook


Forgot your password?
Censorship The Internet Your Rights Online

An HTTP Status Code For Censorship? 369

New submitter Tryfen writes "UK ISPs are being forced to block The Pirate Bay. One is using 'HTTP 403 Forbidden' to tell users that they cannot access the site. From the article: 'However, chief among my concerns is the technical way this censorship is implemented. At the moment, my ISP serves up an HTTP 403 error.' ... As far as I am concerned, this response is factually incorrect. According to the W3C Specifications: "The 4xx class of status code is intended for cases in which the client seems to have erred."' So, should there be a specific HTTP status code to tell a user they are being censored?"
This discussion has been archived. No new comments can be posted.

An HTTP Status Code For Censorship?

Comments Filter:
  • No problem (Score:5, Funny)

    by Wonko the Sane ( 25252 ) * on Saturday June 09, 2012 @06:08PM (#40270583) Journal
    Just convince the censors to set the Evil bit on all packets returning the HTTP error code for a blocked site.
  • 666 (Score:5, Funny)

    by leromarinvit ( 1462031 ) on Saturday June 09, 2012 @06:08PM (#40270585)

    The proper status code would be "666 - Go To Hell". Served to the court, not the customer.

    • Re:666 (Score:5, Insightful)

      by __aaltlg1547 ( 2541114 ) on Saturday June 09, 2012 @06:24PM (#40270713)
      Only for religiously proscribes IPs. If it's proscribed for political reason the code is "1984 - Thoughtcrime found on site".
      • Re:666 (Score:5, Insightful)

        by FriendlyStatistician ( 2652203 ) on Saturday June 09, 2012 @06:48PM (#40270861)

        In keeping with the 3-digit status codes we already have and the use of the 4xx series to indicate that the client has apparently made an error, I think status code 451 might be more appropriate.

        RIP, Ray Bradbury.

        • Sounds like a plan. []
        • by Anonymous Coward

          I know the parent post is already modded +5 Insightful but can we force the display of the post and display it in neon green too?

          That's not only appropriate, the timing is perfect too.

          RIP, Ray Bradbury.

        • In keeping with the 3-digit status codes we already have and the use of the 4xx series to indicate that the client has apparently made an error, I think status code 451 might be more appropriate.

          RIP, Ray Bradbury.

          Whoa. What an exceptional post. It deserves a +6. And as far as I am concerned it is the hands-down best idea for a real censorship code. w00t!

        • 4xx indicates "Client Error", 5xx indicates "Server Error" (according to rfc2616).
          In case of censorship, neither ocurrs really, so 6xx does actually make sense. It's "No error, but can't continue anyway". Or maybe "Legislation error".

          Though I don't see the IETF extending a communication protocol to support censorship.

    • Re:666 (Score:5, Informative)

      by gman003 ( 1693318 ) on Saturday June 09, 2012 @07:49PM (#40271195)

      Bad idea for internationalization.

      While 666 is considered "evil" and "bad" in most Western (read: Christian) cultures, that does not apply elsewhere. Notably in Arabic-speaking countries: 6 is considered lucky, especially in combinations (one particularly wealthy Qatari spent millions on the phone number 666-6666). I have heard this is because, in Arabic, 6 is "ellah", which has obvious similarities to "Allah".

      Same with the Chinese - 6 is considered lucky, and 666 has no particular meaning. And in Jewish numerology, six is associated with God - exactly the opposite of what you intend.

      Unless you're suggesting that neither the Arabs, nor the Chinese, engage in censorship...

      • Re:666 (Score:4, Funny)

        by leromarinvit ( 1462031 ) on Saturday June 09, 2012 @08:06PM (#40271255)

        Thanks, I didn't know that, besides the obvious thing that 666, coming from Christian mythology, wouldn't be recognized (at least with the same meaning) by people with different cultural backgrounds.

        Maybe the ideal status code for China would be 6489. Then they'd have to censor the censorship, preferably by serving the original content instead...

      • Re:666 (Score:4, Interesting)

        by Attila Dimedici ( 1036002 ) on Saturday June 09, 2012 @09:17PM (#40271579)
        In Judaism the number six is associated with imperfection, which is where the number 666 originally comes from. The number seven is associated with God. The author of Revelation was a Jewish Christian who used the number 666 to indicate the failings of this number. The perfect number would have been 777, which would have been the number for God three times (with three being the number for holiness). However, the number of the beast was 666, which is imperfection claiming holiness...or another way of looking at it the Beast is completely (3 times) incomplete (the number 6).
        • Re:666 (Score:5, Informative)

          by SuricouRaven ( 1897204 ) on Saturday June 09, 2012 @09:57PM (#40271707)
          An interesting theory, but with a slight flaw: The earliest manuscripts don't say 666, but 616. It's very possible that 666 was a corruption that displaced the earlier number.
          • Re:666 (Score:5, Informative)

            by Attila Dimedici ( 1036002 ) on Saturday June 09, 2012 @10:27PM (#40271829)
            The problem with that is that the oldest manuscript reference we have to the number is a reference in writings by Iranaeus in the 2nd century AD where he says that the number is 666. The oldest manuscript copies of Revelation 13 which have the number as 616 are from the 3rd century AD. Iranaeus was a student of a student of the author of revelation. While it is possible Iranaeus was wrong about what the author of Revelation originally wrote, it is reasonable to assume that he was correct, especially since he refers to scribal errors in the number in some manuscripts.
            • E-gads, this far into the thread and nobody has mentioned that 666 and 616 are the numbers you get when you take the two most popular spellings of Nero (the roman emperor in charge at the time of writing) and use the then popular Jewish numerological practice of deriving a number from a persons name. 666 (616) wasn't the number of the devil, it was the number of the beast, and the beast was Nero.

              All religion is old politics.

      • Re:666 (Score:5, Informative)

        by Anonymous Coward on Sunday June 10, 2012 @03:52AM (#40272775)

        I have heard this is because, in Arabic, 6 is "ellah", which has obvious similarities to "Allah".


        In Arabic the number 6 is pronounced "sitteh". If fact, there is no number pronounced anywhere close to "ellah" or "allah". The only two numbers from 1 to 10 that even start with a vowel are 4 (arba'a) and 10 ('ashrah). And because Arabic numbers follow a pattern, just like most languages, this rule holds (ie: 40 starts with a vowel, 400 starts with a vowel, etc).

        Perhaps you're recalling this ( ) Christian propaganda?

  • by Gothmolly ( 148874 ) on Saturday June 09, 2012 @06:09PM (#40270587)

    Why would you tell people you're censoring them, when you can just as easily NOT tell them and keep them in the dark... you know, to CENSOR them.

    • by Nimey ( 114278 )

      Pretty much. This is a stupid question because what repressive government is going to admit that they're censoring something, and on top of that not make it some kind of crime for the service provider to let you know?

      • by SuricouRaven ( 1897204 ) on Saturday June 09, 2012 @06:18PM (#40270677)
        Quite a lot, actually. Censorship isn't always entirely secret. Sometimes it can actually achieve great popular support, when the population believes that it is enforcing morality. I'd guess the biggest reason for faking an error rather than admitting censorship is actually accountability - it reduces the chance of detection should one of the list-editors screw up and block something innocent. Take the Virgin Killer incident - most ISPs served up a fake 404 error for that. If it'd been just a minor site, rather than wikipedia, it might never have been noticed.
        • Re: (Score:2, Funny)

          by Anonymous Coward

          Quite right. When goatse and two-girls-one-cup remain uncensored - one can only imagine the horrors that are censored to save our innocent eyes from harm. God bless the censor and all who sail in her!

          Edit: captcha == decked!

          • I was thinking of somewhere like, for example, Pakistan - where the public for the most part honestly believes that blasphemous or pornographic material is not just a crime but a crime against Allah and a crime against mankind, and it is the duty of the government to protect society from such corruption. They know their internet access is censored, and are to an extent proud that their country is able to maintain such a high standard of purity free of dangerous influences. There's no need to be secret about
    • by Daetrin ( 576516 ) on Saturday June 09, 2012 @06:22PM (#40270697)
      Because the people who are implementing the censorship are not the ones who mandated the censorship, and the goals of the two bodies may not be aligned.

      In theory an ISP might want to return a "this has been censored" code in the case of anything where some outside entity forced them to censor the content so they can pass the blame on to someone else. I don't know if any ISP would actually care enough to bother implementing it, but it's certainly a possibility.
      • by Anonymous Coward on Saturday June 09, 2012 @07:19PM (#40271051)

        In practice, an ISP has complete control over what they return in this situation.

        The Used could be redirected to the [] or to the official legislation that forbade access, or one might be redirected to the homepage of a list of proxy services. If it were me in charge and I wanted to provide a public service befitting the mythical status of the benign ISP, I'd set up a simple HTML page including all of the above with a disclaimer stating that my company took a neutral position on the question of support for the newly minted Ministry of Information, and I'd include a link to Terry Gilliam's, Brazil [], as well as Marshall McCluhan []'s official website.


    • by Sir_Sri ( 199544 ) on Saturday June 09, 2012 @07:17PM (#40271037)

      Censorship need not be to hide the existence of information from the public, only restrict their access to it. The Chinese government is actively trying to hide the existence of the Tienanmen square massacre, and that's certain the form of censorship we think of most, but it's not all of it. The British government isn't hiding that the pirate bay exists, they are simply saying you aren't allowed to access it from within the UK. Pixelating porn or graphic violence isn't telling you that people don't have penises or their heads blown off it is done because seeing it could (according to the censor) be damaging to you.

      For the british government a 'censorship' code makes a lot of sense. "You are attempting to access material forbidden to persons within the UK, for information on why this information is blocked click here'. The same could be said for much of the 'morality' police in the middle east. "This site contains blasphemous material and to protect you from its content we are preventing your access, this helpful message brought to you by the police of vice and virtue'. In fact in those cases a censorship status code would be an indication that the bureaucracy is doing the job it is tasked with doing, and something they can point to as places they have blocked.

      In the same way your anti phishing filter might be censoring you from some malicious website, they're quite happy to tell you that you've been blocked from that site, because you've actually asked them to censor it for you. The government in the UK especially, was asked by the public who voted them into office to make decisions, including censoring material (as that is a government power) in their best interests.

      The UK government through the film classification board censors films and games, or it used to until some of that power was transfered to the EU. What criteria they used for censorship wasn't a secret, and they even had processes for appeals and re-evaluations if you felt like the censorship was unfair. Everyone knew what they were doing, because that was their mandate, rate films, restrict access to them, and prevent harmful material from getting into the UK. Website censorship isn't fundamentally any different, by 'importing' a banned film from the US or france or whatever you were doing the mail order equivalent of changing your DNS provider. The fact that the legal situation in the UK hasn't caught up to DNS providers yet doesn't mean it won't.

    • If they're not supposed to know then a standard 404 would do. But everyone in the UK knows PB is censored.
    • While I'm a supporter of big tinfoil, I think the fact that the people in question chose 403 -- Forbidden -- implies that they were trying to come up with something that would sort of make sense. Otherwise, they probably would have chosen a 404 or something to imply that, "Gosh, the URL must be wrong somehow."

  • Ovious, I would think.....

  • by __aaltlg1547 ( 2541114 ) on Saturday June 09, 2012 @06:11PM (#40270611)

    In a normal person's point of view, the user has not erred. The government has erred, and HTTP has no provision for that.

    From the government's point of view, the user has erred because no right-thinking user would want to access a proscribed IP.

    So what it comes down to is, should HTTP represent the user's POV or the Government's?

    • by Luke727 ( 547923 ) on Saturday June 09, 2012 @06:42PM (#40270817) Homepage Journal

      So what it comes down to is, should HTTP represent the user's POV or the Government's?

      Neither. HTTP deals with clients and servers, not users and governments. Political issues are rightfully outside of its scope.

      As for the error code, 403 (Forbidden) is described as "The server understood the request, but is refusing to fulfill it". Is this not technically accurate?

      • by next_ghost ( 1868792 ) on Saturday June 09, 2012 @07:07PM (#40270975)

        As for the error code, 403 (Forbidden) is described as "The server understood the request, but is refusing to fulfill it". Is this not technically accurate?

        It's not accurate because the server didn't even recieve the request. The request was intercepted in transit and blocked by third party.

        • Re: (Score:2, Insightful)

          by Luke727 ( 547923 )

          I don't disagree, but if you're going to make that argument then no status code can be accurate and thus the question is rendered moot. Ideally this kind of filtering would not be put in place (DNS and IP blocks should be enough), but we don't live in an ideal world. If this type of filtering is going to be put in place then, given the available options, 403 seems to be a reasonable status code to return.

        • by nabsltd ( 1313397 ) on Saturday June 09, 2012 @10:25PM (#40271819)

          It's not accurate because the server didn't even recieve the request. The request was intercepted in transit and blocked by third party.

          The "502 Bad Gateway" seems to be the correct code for the behavior. The definition [] may not be 100% accurate in that it implies the proxy (which is what this censorship is) actually received a reply from the target server.

          It would be quite funny if an ISP set the following response:
          305 Use Proxy
          Location: []

      • Re: (Score:2, Interesting)

        by Anonymous Coward

        No it is not, because the server *is* willing to fulfil it, but never gets the request. I think there shouldn't be any status code whatsoever for this, both on the principle that censorship is wrong and shouldn't be enshrined in RFCs and on the principle that the ISP should under no circumstance be meddling with the data stream; if they can't give you the page they should just drop the connection.
        But if we have to have a status code for this, 1984 would be the obvious choice. The fact that it's four digits

    • by flonker ( 526111 )

      HTTP error codes are supplied by the server to indicate the status of the request from the server's point of view. Every response is supplying information to the client that the server knows. It's information from the server's point of view. In this case, a proxy is acting on behalf of the server, and from the proxy's point of view, the request was denied because it was forbidden. (This brings up the issue of proxies that modify content without the end-users permission, but that's a different kettle of

  • Easy (Score:5, Funny)

    by Anonymous Coward on Saturday June 09, 2012 @06:12PM (#40270617)

    Error 1984 - This site has been blocked due to government censorship

  • HTTP 451 (Score:5, Insightful)

    by IonOtter ( 629215 ) on Saturday June 09, 2012 @06:12PM (#40270621) Homepage

    I nominate HTTP 451 - Site is not permitted in your country.

    • Re:HTTP 451 (Score:5, Interesting)

      by lightknight ( 213164 ) on Saturday June 09, 2012 @06:23PM (#40270709) Homepage

      I nominate '703 - Your government is being a twat.'

      Some others:
      701 - Your ISP is being a twat.
      702 - Your organization is being a twat.
      704 - Your ISP is being a twat, and has messed with your DNS request, sending you to a spamvertizement for the domain requested.
      705 - Your ISP is throttling / packet shaping the living hell out of your connection.
      706 - Variant HTML requested (mobile, Flash-free....lots of flags in here).
      707 - The current server time (in ticks since the epoch) & the server's time zone.

    • I nominate

      HTTP 233 - because not everyone lives in "your country"

    • by dosius ( 230542 )

      451. Allusions to a fairly well known novel about censorship. I like.


    • by Idbar ( 1034346 )
      There are many options!

      402: Payment required: Someone paid to a regulator more than you did. If you want to re-establish this service, you should brive^H^H^H^H^H pay for the service.
      406: Non acceptable: Completely unacceptable what your ISP or your country is doing.
      409: Conflict (of interests): The MPAA, RIAA, local government or ISP is blocking you. Then probably redirect to 402.
      417: Expectation failed: Your expectations on your local government or your ISP have failed to you. Change your provider...
    • Re:HTTP 451 (Score:5, Insightful)

      by xeno ( 2667 ) on Saturday June 09, 2012 @07:39PM (#40271135)

      Mod parent up. This is brilliant, probably the best thing I've seen on /. in years. Following Bradbury's theme, how about.....

      HTTP 451: An error in your society has prevented your client from receiving the specified content.

      (And I love the fact that HTTP 450 paves the way for this.)

  • by St.Creed ( 853824 ) on Saturday June 09, 2012 @06:13PM (#40270635)

    Then we could use statuscode 666 Evil Government - so cool :)

    But on a slightly more serious note, the following codes would be perhaps slightly better?

    303 See Other - with a list of bittorrent sites you might want to check out :)
    305 Use Proxy - with a list of proxy servers in other countries that would enable you to get around the block :)
    503 Service Unavailable - if you think the situation is temporary :)

  • Stop. (Score:5, Insightful)

    by mikkelm ( 1000451 ) on Saturday June 09, 2012 @06:15PM (#40270653)

    None. If a site absolutely must be blocked, then blackhole its IP addresses and fail resolution on the ISP's DNS servers. Middleboxes that inspect layer 4 and above are never OK, and never part of a trustworthy ISP network unless explicitly requested by the end-user.

    • Re:Stop. (Score:5, Insightful)

      by SuricouRaven ( 1897204 ) on Saturday June 09, 2012 @06:38PM (#40270791)
      Not so easy. One IP may host many, many websites. Usually the budget ones, that don't justify dedicating an entire server. So they all get to share one address, just different vhosts. Simple IP blocking would often block additional sites, not just the one targetted.
  • Thailand (Score:5, Interesting)

    by FRiC ( 416091 ) on Saturday June 09, 2012 @06:26PM (#40270735) Homepage

    Thailand used to have a huge graphical image on a special server for censored websites. Any access on a censored URL would be forwarrded to that image. Apparently the load was so high the server would constantly crash, and eventually they deleted the image, so you get a 404 error. Now they got smarter and just display a text message telling you the website is censored by the government.

  • China Does It (Score:5, Interesting)

    by tobiah ( 308208 ) on Saturday June 09, 2012 @06:28PM (#40270741)

    Many of the services/messages blocked in China come with explicit warnings that they have attempted something illegal. And some don't.

    • Wow, the UK is becoming China, but for different reasons. I hate censorship in any form, and especially from a country I respect.

  • Fahrenheit 451 (Score:5, Insightful)

    by warewolfsmith ( 196722 ) on Saturday June 09, 2012 @06:37PM (#40270787)
    HTTP 451, This site has been burnt.
  • by Cornwallis ( 1188489 ) on Saturday June 09, 2012 @06:41PM (#40270811)

    In honor of Room 101.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      unfortunately 101 is already in use. 410 (gone, no forwarding address) is probably the smartest to use.

    • by FriendlyStatistician ( 2652203 ) on Saturday June 09, 2012 @07:46PM (#40271173)

      101 already exists, and means switching protocols. The 1xx series in general is inappropriate.

      Microsoft already used 450 as a censorship status code (for censored by Microsoft Parental Controls), so I think 451--with a nod to Ray Bradbury--would be appropriate.

  • by John Hasler ( 414242 ) on Saturday June 09, 2012 @06:55PM (#40270917) Homepage

    ..that explains the situation and encourages the user to click on a clicky that automatically files a complaint with the approporiate government agency and/or sends an email to the relevant minister. Should be maintained by a third party such as the EFF.

    • In the UK this makes sense the isps put up a legal fight against this and we have at least notional principles of free speech the isps should show their opposition with a simple informational page. But in other situations we might find a status code or codes that could be inserted into headers or other data stteams, it might be better if this was unofficial so it could be inserted subversively so technocrats don't cotton on to this.
  • by michaelmalak ( 91262 ) <> on Saturday June 09, 2012 @06:55PM (#40270919) Homepage
    This reminds me of the common quarrel, "It's not that you cheated on me, it's the way you did it, that you lied about it."
  • You simply have the legislature more than the lobbiest are paying to get the content blocked.

  • I am trying to understand how you are blocking access to a web site?
    Do your users all go thru a http proxy? What if they don't? I have three internet access points, none use a web proxy (That I know of :-)
    Do you block DNS? I can point my dns anywhere I want.
    Do you block an IP address?
    Falling back to the Internet sees censorship as a malfunction and routes around it. How do you stop people from routing around you? (WIthout begin China and having controll of all the network links in and out of the country)

  • Perhaps 560 as suggested in the article, and 561 for censorship implemented by the final server (e.g. a server in the US forbidden to deliver certain content to Iranian IPs)

    560 Censorship
        The server, while acting as a gateway or proxy, received a request it is not legally permitted to gateway or proxy.

    561 Censorship
        The server received a request it is not legally permitted to fulfill.

  • by nurb432 ( 527695 ) on Saturday June 09, 2012 @07:34PM (#40271113) Homepage Journal

    How about we just dont allow them to censor.

  • If we have an easy way of knowing that a site is censored,. very simply ... we can automatically run a proxy request every time you hit a censored site and it can be done transparently such that the user no longer has to worry. I am sure the next version of all the browsers will have that as a feature. They would interprets censorship as damage and route around it .. gee that is a novel idea !!
    • by nurb432 ( 527695 )

      Depends, it may also demonstrate that you are doing something 'wrong' ( perhaps illegal ) and if you are good citizen you will cease and desist on your own

  • It would probably be simpler and more robust to simply not reply anything at all. Just tell the router not to forward any packet to blacklisted IP addresses.

  • by Tastecicles ( 1153671 ) on Saturday June 09, 2012 @08:08PM (#40271259)

    All this is, is paving the way for EUSOPA and criminalising everyone who tries to use the Internet for anything more than clicking on iPlayer and G+. Since there will suddenly be so many crims wandering our libraries and cyber cafés, to try them all by jury would be prohibitively expensive, so what we'll end up with is TV Licensing-type day sessions in courts up and down the country, fifteen minute hearings in front of a single magistrate, and automatic defaults in favour of the copyright cartels followed by fixed penalty judgements.

    Most people who end up in front of a magistrate over TV Licensing, even if like me they don't have a TV, don't realise that they CAN and SHOULD DEMAND a trial by Jury. Over the past several years I've been in front of magistrates and walked out after informing them in no uncertain terms that I am not playing their game, that the burden is on TVLA to PROVE their case, even the point of PROVING that they have SEEN TV equipment in my home, working and tuned. What can they do? Jail me for asserting my RIGHTS under the Law of the Land? Bring it.

  • Non issue (Score:3, Informative)

    by Cigarra ( 652458 ) on Saturday June 09, 2012 @08:33PM (#40271357)
    403 is exactly right: []

    "The request was a legal request, but the server is refusing to respond to it"

    Next question please.
  • by Mozai ( 3547 ) on Saturday June 09, 2012 @08:38PM (#40271381) Homepage

    The proper one would be in the 5xx range, since the client's request is correct but the server is unable to comply.

    503 - Service Unavailable is the obvious choice.

    If we want to be cheeky about it, we could respond 305 - Use Proxy to hint that the client making the request can't come through here and must use some other path.

  • by allo ( 1728082 ) on Sunday June 10, 2012 @05:45AM (#40273067)

    you need to bribe your government to get access again.

In less than a century, computers will be making substantial progress on ... the overriding problem of war and peace. -- James Slagle