Example HTTP Response
HTTP/1.1 426 Upgrade Required
Upgrade: TLS/1.3
Connection: Upgrade- HTTP to HTTPS upgrade needed
- Older TLS version not supported
- Protocol upgrade required for security
What does this mean?
Time for an upgrade! The server refuses to talk until you switch to a better, more secure protocol.
Technical Definition
The client should switch to a different protocol such as TLS/1.3.
RFC Says
"The 426 (Upgrade Required) status code indicates that the server refuses to perform the request using the current protocol but might be willing to do so after the client upgrades to a different protocol. The server MUST send an Upgrade header field in a 426 response to indicate the required protocol(s)."
Plain English:
426 means 'I need you to switch to a different protocol.' For example, forcing clients to upgrade from HTTP/1.1 to HTTP/2, or from HTTP to HTTPS. The response must include an Upgrade header telling the client which protocol to use.
Common Misinterpretation
Don't use 426 for API versioning (like forcing clients to use v2 instead of v1) - that's not about protocol upgrades. Use 426 specifically for HTTP protocol upgrades. For forcing HTTPS, many servers use 301/302 redirects instead, which is more practical.
Ready-to-use code for returning this HTTP status in your application:
// Express.js
app.get('/example', (req, res) => {
res.status(426).json({
error: 'Upgrade Required',
message: 'Your error message here'
});
});
// Native HTTP
const http = require('http');
http.createServer((req, res) => {
res.writeHead(426, { 'Content-Type': 'application/json' });
res.end(JSON.stringify({
error: 'Upgrade Required',
message: 'Your error message here'
}));
}).listen(3000);