Someone fills out a form, hits submit, and instead of the page they wanted they get an error. Login prompt. Missing page. Request that just refuses to go through. Feels like the site broke. Usually it didn’t, the server’s fine, it’s the request that had the problem.
A blank field here, an expired session there, a page that got deleted last month, access nobody ever granted. That’s what lands you in the http 400 range.
Fast version of the bigger picture: HTTP codes come in five blocks. 100s = still working on it. 200s = it worked. 300s = go look somewhere else. 500s = server broke. 400s = server got the request, understood it, and still couldn’t do anything with it. That last group is what this is about.
