← All Status Codes
206
Partial Content
✅ Success Info Risk

📖 What Is HTTP 206?

The server is delivering only part of the resource due to a Range header sent by the client. Used for resumable downloads and video streaming.

🛡️ Security Implications

Range header abuse can cause excessive I/O on the server. Validate Range values and limit the number of ranges per request to prevent DoS.

🔍 Common Causes

Client sent a Range header to request a specific byte range (e.g., resuming a download or streaming video segments).

🔧 How to Fix

Implement proper Range header validation. Reject multipart range requests with excessive ranges.

🖥️ How to Check

curl -I -o /dev/null -w "%{http_code}" https://example.com

🔗 Related Success Codes

200
OK
201
Created
202
Accepted
204
No Content
📚 Learn Web Security — Free Course