Update HTTP status codes to modern codes (#18063)

* 2xx/3xx/4xx/5xx -> http.Status... * http.StatusFound -> http.StatusTemporaryRedirect * http.StatusMovedPermanently -> http.StatusPermanentRedirect
2025-11-04 16:40:24 +08:00 · 2022-03-23 05:54:07 +01:00
parent 395117d301
commit 3f280f89e7
76 changed files with 211 additions and 212 deletions
--- a/cmd/web_acme.go
+++ b/cmd/web_acme.go
@@ -128,5 +128,5 @@ func runLetsEncryptFallbackHandler(w http.ResponseWriter, r *http.Request) {
 	// URI always contains a leading slash, which would result in a double
 	// slash
 	target := strings.TrimSuffix(setting.AppURL, "/") + r.URL.RequestURI()
-	http.Redirect(w, r, target, http.StatusFound)
+	http.Redirect(w, r, target, http.StatusTemporaryRedirect)
 }
--- a/integrations/admin_user_test.go
+++ b/integrations/admin_user_test.go
@@ -46,7 +46,7 @@ func TestAdminEditUser(t *testing.T) {
 }
 func testSuccessfullEdit(t *testing.T, formData user_model.User) {
-	makeRequest(t, formData, http.StatusFound)
+	makeRequest(t, formData, http.StatusSeeOther)
 }
 func makeRequest(t *testing.T, formData user_model.User, headerCode int) {
--- a/integrations/api_branch_test.go
+++ b/integrations/api_branch_test.go
@@ -37,7 +37,7 @@ func testAPIGetBranchProtection(t *testing.T, branchName string, expectedHTTPSta
 	req := NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/branch_protections/%s?token=%s", branchName, token)
 	resp := session.MakeRequest(t, req, expectedHTTPStatus)
-	if resp.Code == 200 {
+	if resp.Code == http.StatusOK {
 		var branchProtection api.BranchProtection
 		DecodeJSON(t, resp, &branchProtection)
 		assert.EqualValues(t, branchName, branchProtection.BranchName)
@@ -52,7 +52,7 @@ func testAPICreateBranchProtection(t *testing.T, branchName string, expectedHTTP
 	})
 	resp := session.MakeRequest(t, req, expectedHTTPStatus)
-	if resp.Code == 201 {
+	if resp.Code == http.StatusCreated {
 		var branchProtection api.BranchProtection
 		DecodeJSON(t, resp, &branchProtection)
 		assert.EqualValues(t, branchName, branchProtection.BranchName)
@@ -65,7 +65,7 @@ func testAPIEditBranchProtection(t *testing.T, branchName string, body *api.Bran
 	req := NewRequestWithJSON(t, "PATCH", "/api/v1/repos/user2/repo1/branch_protections/"+branchName+"?token="+token, body)
 	resp := session.MakeRequest(t, req, expectedHTTPStatus)
-	if resp.Code == 200 {
+	if resp.Code == http.StatusOK {
 		var branchProtection api.BranchProtection
 		DecodeJSON(t, resp, &branchProtection)
 		assert.EqualValues(t, branchName, branchProtection.BranchName)
--- a/integrations/api_helper_for_declarative_test.go
+++ b/integrations/api_helper_for_declarative_test.go
@@ -227,7 +227,7 @@ func doAPICreatePullRequest(ctx APITestContext, owner, repo, baseBranch, headBra
 			Title: fmt.Sprintf("create a pr from %s to %s", headBranch, baseBranch),
 		})
-		expected := 201
+		expected := http.StatusCreated
 		if ctx.ExpectedCode != 0 {
 			expected = ctx.ExpectedCode
 		}
@@ -246,7 +246,7 @@ func doAPIGetPullRequest(ctx APITestContext, owner, repo string, index int64) fu
 			owner, repo, index, ctx.Token)
 		req := NewRequest(t, http.MethodGet, urlStr)
-		expected := 200
+		expected := http.StatusOK
 		if ctx.ExpectedCode != 0 {
 			expected = ctx.ExpectedCode
 		}
@@ -287,7 +287,7 @@ func doAPIMergePullRequest(ctx APITestContext, owner, repo string, index int64)
 		expected := ctx.ExpectedCode
 		if expected == 0 {
-			expected = 200
+			expected = http.StatusOK
 		}
 		if !assert.EqualValues(t, expected, resp.Code,
@@ -310,7 +310,7 @@ func doAPIManuallyMergePullRequest(ctx APITestContext, owner, repo, commitID str
 			ctx.Session.MakeRequest(t, req, ctx.ExpectedCode)
 			return
 		}
-		ctx.Session.MakeRequest(t, req, 200)
+		ctx.Session.MakeRequest(t, req, http.StatusOK)
 	}
 }
--- a/integrations/api_pull_test.go
+++ b/integrations/api_pull_test.go
@@ -77,7 +77,7 @@ func TestAPICreatePullSuccess(t *testing.T) {
 		Base:  "master",
 		Title: "create a failure pr",
 	})
-	session.MakeRequest(t, req, 201)
+	session.MakeRequest(t, req, http.StatusCreated)
 	session.MakeRequest(t, req, http.StatusUnprocessableEntity) // second request should fail
 }
@@ -105,7 +105,7 @@ func TestAPICreatePullWithFieldsSuccess(t *testing.T) {
 	req := NewRequestWithJSON(t, http.MethodPost, fmt.Sprintf("/api/v1/repos/%s/%s/pulls?token=%s", owner10.Name, repo10.Name, token), opts)
-	res := session.MakeRequest(t, req, 201)
+	res := session.MakeRequest(t, req, http.StatusCreated)
 	pull := new(api.PullRequest)
 	DecodeJSON(t, res, pull)
@@ -165,7 +165,7 @@ func TestAPIEditPull(t *testing.T) {
 		Title: "create a success pr",
 	})
 	pull := new(api.PullRequest)
-	resp := session.MakeRequest(t, req, 201)
+	resp := session.MakeRequest(t, req, http.StatusCreated)
 	DecodeJSON(t, resp, pull)
 	assert.EqualValues(t, "master", pull.Base.Name)
@@ -173,12 +173,12 @@ func TestAPIEditPull(t *testing.T) {
 		Base:  "feature/1",
 		Title: "edit a this pr",
 	})
-	resp = session.MakeRequest(t, req, 201)
+	resp = session.MakeRequest(t, req, http.StatusCreated)
 	DecodeJSON(t, resp, pull)
 	assert.EqualValues(t, "feature/1", pull.Base.Name)
 	req = NewRequestWithJSON(t, http.MethodPatch, fmt.Sprintf("/api/v1/repos/%s/%s/pulls/%d?token=%s", owner10.Name, repo10.Name, pull.Index, token), &api.EditPullRequestOption{
 		Base: "not-exist",
 	})
-	session.MakeRequest(t, req, 404)
+	session.MakeRequest(t, req, http.StatusNotFound)
 }
--- a/integrations/api_repo_languages_test.go
+++ b/integrations/api_repo_languages_test.go
@@ -33,7 +33,7 @@ func TestRepoLanguages(t *testing.T) {
 			"content":       "package main",
 			"commit_choice": "direct",
 		})
-		session.MakeRequest(t, req, http.StatusFound)
+		session.MakeRequest(t, req, http.StatusSeeOther)
 		// let gitea calculate language stats
 		time.Sleep(time.Second)
--- a/integrations/attachment_test.go
+++ b/integrations/attachment_test.go
@@ -59,7 +59,7 @@ func createAttachment(t *testing.T, session *TestSession, repoURL, filename stri
 func TestCreateAnonymousAttachment(t *testing.T) {
 	defer prepareTestEnv(t)()
 	session := emptyTestSession(t)
-	createAttachment(t, session, "user2/repo1", "image.png", generateImg(), http.StatusFound)
+	createAttachment(t, session, "user2/repo1", "image.png", generateImg(), http.StatusSeeOther)
 }
 func TestCreateIssueAttachment(t *testing.T) {
@@ -83,7 +83,7 @@ func TestCreateIssueAttachment(t *testing.T) {
 	}
 	req = NewRequestWithValues(t, "POST", link, postData)
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	test.RedirectURL(resp) // check that redirect URL exists
 	// Validate that attachment is available
--- a/integrations/auth_ldap_test.go
+++ b/integrations/auth_ldap_test.go
@@ -135,7 +135,7 @@ func addAuthSourceLDAP(t *testing.T, sshKeyAttribute string, groupMapParams ...s
 		"group_team_map_removal":   groupTeamMapRemoval,
 		"user_uid":                 "DN",
 	})
-	session.MakeRequest(t, req, http.StatusFound)
+	session.MakeRequest(t, req, http.StatusSeeOther)
 }
 func TestLDAPUserSignin(t *testing.T) {
@@ -202,7 +202,7 @@ func TestLDAPAuthChange(t *testing.T) {
 		"is_sync_enabled":          "on",
 		"is_active":                "on",
 	})
-	session.MakeRequest(t, req, http.StatusFound)
+	session.MakeRequest(t, req, http.StatusSeeOther)
 	req = NewRequest(t, "GET", href)
 	resp = session.MakeRequest(t, req, http.StatusOK)
--- a/integrations/change_default_branch_test.go
+++ b/integrations/change_default_branch_test.go
@@ -28,7 +28,7 @@ func TestChangeDefaultBranch(t *testing.T) {
 		"action": "default_branch",
 		"branch": "DefaultBranch",
 	})
-	session.MakeRequest(t, req, http.StatusFound)
+	session.MakeRequest(t, req, http.StatusSeeOther)
 	csrf = GetCSRF(t, session, branchesURL)
 	req = NewRequestWithValues(t, "POST", branchesURL, map[string]string{
--- a/integrations/create_no_session_test.go
+++ b/integrations/create_no_session_test.go
@@ -110,7 +110,7 @@ func TestSessionFileCreation(t *testing.T) {
 			"user_name": "user2",
 			"password":  userPassword,
 		})
-		resp = MakeRequest(t, req, http.StatusFound)
+		resp = MakeRequest(t, req, http.StatusSeeOther)
 		sessionID = getSessionID(t, resp)
 		assert.FileExists(t, sessionFile(tmpDir, sessionID))
--- a/integrations/delete_user_test.go
+++ b/integrations/delete_user_test.go
@@ -36,7 +36,7 @@ func TestUserDeleteAccount(t *testing.T) {
 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		"_csrf": csrf,
 	})
-	session.MakeRequest(t, req, http.StatusFound)
+	session.MakeRequest(t, req, http.StatusSeeOther)
 	assertUserDeleted(t, 8)
 	unittest.CheckConsistencyFor(t, &user_model.User{})
@@ -51,7 +51,7 @@ func TestUserDeleteAccountStillOwnRepos(t *testing.T) {
 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		"_csrf": csrf,
 	})
-	session.MakeRequest(t, req, http.StatusFound)
+	session.MakeRequest(t, req, http.StatusSeeOther)
 	// user should not have been deleted, because the user still owns repos
 	unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
--- a/integrations/editor_test.go
+++ b/integrations/editor_test.go
@@ -34,7 +34,7 @@ func TestCreateFile(t *testing.T) {
 			"content":       "Content",
 			"commit_choice": "direct",
 		})
-		session.MakeRequest(t, req, http.StatusFound)
+		session.MakeRequest(t, req, http.StatusSeeOther)
 	})
 }
@@ -48,7 +48,7 @@ func TestCreateFileOnProtectedBranch(t *testing.T) {
 			"_csrf":     csrf,
 			"protected": "on",
 		})
-		session.MakeRequest(t, req, http.StatusFound)
+		session.MakeRequest(t, req, http.StatusSeeOther)
 		// Check if master branch has been locked successfully
 		flashCookie := session.GetCookie("macaron_flash")
 		assert.NotNil(t, flashCookie)
@@ -82,7 +82,7 @@ func TestCreateFileOnProtectedBranch(t *testing.T) {
 			"_csrf":     csrf,
 			"protected": "off",
 		})
-		resp = session.MakeRequest(t, req, http.StatusFound)
+		resp = session.MakeRequest(t, req, http.StatusSeeOther)
 		// Check if master branch has been locked successfully
 		flashCookie = session.GetCookie("macaron_flash")
 		assert.NotNil(t, flashCookie)
@@ -109,7 +109,7 @@ func testEditFile(t *testing.T, session *TestSession, user, repo, branch, filePa
 			"commit_choice": "direct",
 		},
 	)
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	// Verify the change
 	req = NewRequest(t, "GET", path.Join(user, repo, "raw/branch", branch, filePath))
@@ -139,7 +139,7 @@ func testEditFileToNewBranch(t *testing.T, session *TestSession, user, repo, bra
 			"new_branch_name": targetBranch,
 		},
 	)
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	// Verify the change
 	req = NewRequest(t, "GET", path.Join(user, repo, "raw/branch", targetBranch, filePath))
--- a/integrations/git_smart_http_test.go
+++ b/integrations/git_smart_http_test.go
@@ -24,31 +24,31 @@ func testGitSmartHTTP(t *testing.T, u *url.URL) {
 	}{
 		{
 			p:    "user2/repo1/info/refs",
-			code: 200,
+			code: http.StatusOK,
 		},
 		{
 			p:    "user2/repo1/HEAD",
-			code: 200,
+			code: http.StatusOK,
 		},
 		{
 			p:    "user2/repo1/objects/info/alternates",
-			code: 404,
+			code: http.StatusNotFound,
 		},
 		{
 			p:    "user2/repo1/objects/info/http-alternates",
-			code: 404,
+			code: http.StatusNotFound,
 		},
 		{
 			p:    "user2/repo1/../../custom/conf/app.ini",
-			code: 404,
+			code: http.StatusNotFound,
 		},
 		{
 			p:    "user2/repo1/objects/info/../../../../custom/conf/app.ini",
-			code: 404,
+			code: http.StatusNotFound,
 		},
 		{
 			p:    `user2/repo1/objects/info/..\..\..\..\custom\conf\app.ini`,
-			code: 400,
+			code: http.StatusBadRequest,
 		},
 	}
--- a/integrations/git_test.go
+++ b/integrations/git_test.go
@@ -435,7 +435,7 @@ func doProtectBranch(ctx APITestContext, branch, userToWhitelist, unprotectedFil
 				"protected":                 "on",
 				"unprotected_file_patterns": unprotectedFilePatterns,
 			})
-			ctx.Session.MakeRequest(t, req, http.StatusFound)
+			ctx.Session.MakeRequest(t, req, http.StatusSeeOther)
 		} else {
 			user, err := user_model.GetUserByName(userToWhitelist)
 			assert.NoError(t, err)
@@ -448,7 +448,7 @@ func doProtectBranch(ctx APITestContext, branch, userToWhitelist, unprotectedFil
 				"whitelist_users":           strconv.FormatInt(user.ID, 10),
 				"unprotected_file_patterns": unprotectedFilePatterns,
 			})
-			ctx.Session.MakeRequest(t, req, http.StatusFound)
+			ctx.Session.MakeRequest(t, req, http.StatusSeeOther)
 		}
 		// Check if master branch has been locked successfully
 		flashCookie := ctx.Session.GetCookie("macaron_flash")
--- a/integrations/integration_test.go
+++ b/integrations/integration_test.go
@@ -380,7 +380,7 @@ func loginUserWithPassword(t testing.TB, userName, password string) *TestSession
 		"user_name": userName,
 		"password":  password,
 	})
-	resp = MakeRequest(t, req, http.StatusFound)
+	resp = MakeRequest(t, req, http.StatusSeeOther)
 	ch := http.Header{}
 	ch.Add("Cookie", strings.Join(resp.Header()["Set-Cookie"], ";"))
@@ -408,7 +408,7 @@ func getTokenForLoggedInUser(t testing.TB, session *TestSession) string {
 		"_csrf": doc.GetCSRF(),
 		"name":  fmt.Sprintf("api-testing-token-%d", tokenCounter),
 	})
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	req = NewRequest(t, "GET", "/user/settings/applications")
 	resp = session.MakeRequest(t, req, http.StatusOK)
 	htmlDoc := NewHTMLParser(t, resp.Body)
--- a/integrations/issue_test.go
+++ b/integrations/issue_test.go
@@ -132,7 +132,7 @@ func testNewIssue(t *testing.T, session *TestSession, user, repo, title, content
 		"title":   title,
 		"content": content,
 	})
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	issueURL := test.RedirectURL(resp)
 	req = NewRequest(t, "GET", issueURL)
@@ -162,7 +162,7 @@ func testIssueAddComment(t *testing.T, session *TestSession, issueURL, content,
 		"content": content,
 		"status":  status,
 	})
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	req = NewRequest(t, "GET", test.RedirectURL(resp))
 	resp = session.MakeRequest(t, req, http.StatusOK)
@@ -334,16 +334,16 @@ func TestIssueRedirect(t *testing.T) {
 	// Test external tracker where style not set (shall default numeric)
 	req := NewRequest(t, "GET", path.Join("org26", "repo_external_tracker", "issues", "1"))
-	resp := session.MakeRequest(t, req, http.StatusFound)
+	resp := session.MakeRequest(t, req, http.StatusSeeOther)
 	assert.Equal(t, "https://tracker.com/org26/repo_external_tracker/issues/1", test.RedirectURL(resp))
 	// Test external tracker with numeric style
 	req = NewRequest(t, "GET", path.Join("org26", "repo_external_tracker_numeric", "issues", "1"))
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	assert.Equal(t, "https://tracker.com/org26/repo_external_tracker_numeric/issues/1", test.RedirectURL(resp))
 	// Test external tracker with alphanumeric style (for a pull request)
 	req = NewRequest(t, "GET", path.Join("org26", "repo_external_tracker_alpha", "issues", "1"))
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	assert.Equal(t, "/"+path.Join("org26", "repo_external_tracker_alpha", "pulls", "1"), test.RedirectURL(resp))
 }
--- a/integrations/links_test.go
+++ b/integrations/links_test.go
@@ -59,7 +59,7 @@ func TestRedirectsNoLogin(t *testing.T) {
 	}
 	for link, redirectLink := range redirects {
 		req := NewRequest(t, "GET", link)
-		resp := MakeRequest(t, req, http.StatusFound)
+		resp := MakeRequest(t, req, http.StatusSeeOther)
 		assert.EqualValues(t, path.Join(setting.AppSubURL, redirectLink), test.RedirectURL(resp))
 	}
 }
--- a/integrations/mirror_push_test.go
+++ b/integrations/mirror_push_test.go
@@ -89,7 +89,7 @@ func doCreatePushMirror(ctx APITestContext, address, username, password string)
 			"push_mirror_password": password,
 			"push_mirror_interval": "0",
 		})
-		ctx.Session.MakeRequest(t, req, http.StatusFound)
+		ctx.Session.MakeRequest(t, req, http.StatusSeeOther)
 		flashCookie := ctx.Session.GetCookie("macaron_flash")
 		assert.NotNil(t, flashCookie)
@@ -110,7 +110,7 @@ func doRemovePushMirror(ctx APITestContext, address, username, password string,
 			"push_mirror_password": password,
 			"push_mirror_interval": "0",
 		})
-		ctx.Session.MakeRequest(t, req, http.StatusFound)
+		ctx.Session.MakeRequest(t, req, http.StatusSeeOther)
 		flashCookie := ctx.Session.GetCookie("macaron_flash")
 		assert.NotNil(t, flashCookie)
--- a/integrations/nonascii_branches_test.go
+++ b/integrations/nonascii_branches_test.go
@@ -18,7 +18,7 @@ func testSrcRouteRedirect(t *testing.T, session *TestSession, user, repo, route,
 	// Make request
 	req := NewRequest(t, "GET", path.Join(prefix, route))
-	resp := session.MakeRequest(t, req, http.StatusFound)
+	resp := session.MakeRequest(t, req, http.StatusSeeOther)
 	// Check Location header
 	location := resp.HeaderMap.Get("Location")
@@ -37,7 +37,7 @@ func setDefaultBranch(t *testing.T, session *TestSession, user, repo, branch str
 		"action": "default_branch",
 		"branch": branch,
 	})
-	session.MakeRequest(t, req, http.StatusFound)
+	session.MakeRequest(t, req, http.StatusSeeOther)
 }
 func TestNonasciiBranches(t *testing.T) {
--- a/integrations/oauth_test.go
+++ b/integrations/oauth_test.go
@@ -7,6 +7,7 @@ package integrations
 import (
 	"bytes"
 	"io"
 	"net/http"
 	"testing"
 	"code.gitea.io/gitea/modules/json"
@@ -21,20 +22,20 @@ func TestNoClientID(t *testing.T) {
 	defer prepareTestEnv(t)()
 	req := NewRequest(t, "GET", "/login/oauth/authorize")
 	ctx := loginUser(t, "user2")
-	ctx.MakeRequest(t, req, 400)
+	ctx.MakeRequest(t, req, http.StatusBadRequest)
 }
 func TestLoginRedirect(t *testing.T) {
 	defer prepareTestEnv(t)()
 	req := NewRequest(t, "GET", "/login/oauth/authorize")
-	assert.Contains(t, MakeRequest(t, req, 302).Body.String(), "/user/login")
+	assert.Contains(t, MakeRequest(t, req, http.StatusSeeOther).Body.String(), "/user/login")
 }
 func TestShowAuthorize(t *testing.T) {
 	defer prepareTestEnv(t)()
 	req := NewRequest(t, "GET", defaultAuthorize)
 	ctx := loginUser(t, "user4")
-	resp := ctx.MakeRequest(t, req, 200)
+	resp := ctx.MakeRequest(t, req, http.StatusOK)
 	htmlDoc := NewHTMLParser(t, resp.Body)
 	htmlDoc.AssertElement(t, "#authorize-app", true)
@@ -45,7 +46,7 @@ func TestRedirectWithExistingGrant(t *testing.T) {
 	defer prepareTestEnv(t)()
 	req := NewRequest(t, "GET", defaultAuthorize)
 	ctx := loginUser(t, "user1")
-	resp := ctx.MakeRequest(t, req, 302)
+	resp := ctx.MakeRequest(t, req, http.StatusSeeOther)
 	u, err := resp.Result().Location()
 	assert.NoError(t, err)
 	assert.Equal(t, "thestate", u.Query().Get("state"))
@@ -62,7 +63,7 @@ func TestAccessTokenExchange(t *testing.T) {
 		"code":          "authcode",
 		"code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
 	})
-	resp := MakeRequest(t, req, 200)
+	resp := MakeRequest(t, req, http.StatusOK)
 	type response struct {
 		AccessToken  string `json:"access_token"`
 		TokenType    string `json:"token_type"`
@@ -86,7 +87,7 @@ func TestAccessTokenExchangeWithoutPKCE(t *testing.T) {
 		"code":          "authcode",
 		"code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
 	})
-	resp := MakeRequest(t, req, 200)
+	resp := MakeRequest(t, req, http.StatusOK)
 	type response struct {
 		AccessToken  string `json:"access_token"`
 		TokenType    string `json:"token_type"`
@@ -109,7 +110,7 @@ func TestAccessTokenExchangeJSON(t *testing.T) {
 		"redirect_uri":  "a",
 		"code":          "authcode",
 	})
-	MakeRequest(t, req, 400)
+	MakeRequest(t, req, http.StatusBadRequest)
 }
 func TestAccessTokenExchangeWithInvalidCredentials(t *testing.T) {
@@ -123,7 +124,7 @@ func TestAccessTokenExchangeWithInvalidCredentials(t *testing.T) {
 		"code":          "authcode",
 		"code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
 	})
-	MakeRequest(t, req, 400)
+	MakeRequest(t, req, http.StatusBadRequest)
 	// invalid client secret
 	req = NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{
 		"grant_type":    "authorization_code",
@@ -133,7 +134,7 @@ func TestAccessTokenExchangeWithInvalidCredentials(t *testing.T) {
 		"code":          "authcode",
 		"code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
 	})
-	MakeRequest(t, req, 400)
+	MakeRequest(t, req, http.StatusBadRequest)
 	// invalid redirect uri
 	req = NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{
 		"grant_type":    "authorization_code",
@@ -143,7 +144,7 @@ func TestAccessTokenExchangeWithInvalidCredentials(t *testing.T) {
 		"code":          "authcode",
 		"code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
 	})
-	MakeRequest(t, req, 400)
+	MakeRequest(t, req, http.StatusBadRequest)
 	// invalid authorization code
 	req = NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{
 		"grant_type":    "authorization_code",
@@ -153,7 +154,7 @@ func TestAccessTokenExchangeWithInvalidCredentials(t *testing.T) {
 		"code":          "???",
 		"code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
 	})
-	MakeRequest(t, req, 400)
+	MakeRequest(t, req, http.StatusBadRequest)
 	// invalid grant_type
 	req = NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{
 		"grant_type":    "???",
@@ -163,7 +164,7 @@ func TestAccessTokenExchangeWithInvalidCredentials(t *testing.T) {
 		"code":          "authcode",
 		"code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
 	})
-	MakeRequest(t, req, 400)
+	MakeRequest(t, req, http.StatusBadRequest)
 }
 func TestAccessTokenExchangeWithBasicAuth(t *testing.T) {
@@ -175,7 +176,7 @@ func TestAccessTokenExchangeWithBasicAuth(t *testing.T) {
 		"code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
 	})
 	req.Header.Add("Authorization", "Basic ZGE3ZGEzYmEtOWExMy00MTY3LTg1NmYtMzg5OWRlMGIwMTM4OjRNSzhOYTZSNTVzbWRDWTBXdUNDdW1aNmhqUlBuR1k1c2FXVlJISGpKaUE9")
-	resp := MakeRequest(t, req, 200)
+	resp := MakeRequest(t, req, http.StatusOK)
 	type response struct {
 		AccessToken  string `json:"access_token"`
 		TokenType    string `json:"token_type"`
@@ -196,7 +197,7 @@ func TestAccessTokenExchangeWithBasicAuth(t *testing.T) {
 		"code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
 	})
 	req.Header.Add("Authorization", "Basic ZGE3ZGEzYmEtOWExMy00MTY3LTg1NmYtMzg5OWRlMGIwMTM4OmJsYWJsYQ==")
-	resp = MakeRequest(t, req, 400)
+	resp = MakeRequest(t, req, http.StatusBadRequest)
 	// missing header
 	req = NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{
@@ -205,7 +206,7 @@ func TestAccessTokenExchangeWithBasicAuth(t *testing.T) {
 		"code":          "authcode",
 		"code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
 	})
-	resp = MakeRequest(t, req, 400)
+	resp = MakeRequest(t, req, http.StatusBadRequest)
 }
 func TestRefreshTokenInvalidation(t *testing.T) {
@@ -218,7 +219,7 @@ func TestRefreshTokenInvalidation(t *testing.T) {
 		"code":          "authcode",
 		"code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
 	})
-	resp := MakeRequest(t, req, 200)
+	resp := MakeRequest(t, req, http.StatusOK)
 	type response struct {
 		AccessToken  string `json:"access_token"`
 		TokenType    string `json:"token_type"`
@@ -244,16 +245,16 @@ func TestRefreshTokenInvalidation(t *testing.T) {
 	assert.NoError(t, err)
 	refreshReq.Body = io.NopCloser(bytes.NewReader(bs))
-	MakeRequest(t, refreshReq, 200)
+	MakeRequest(t, refreshReq, http.StatusOK)
 	refreshReq.Body = io.NopCloser(bytes.NewReader(bs))
-	MakeRequest(t, refreshReq, 200)
+	MakeRequest(t, refreshReq, http.StatusOK)
 	// test with invalidation
 	setting.OAuth2.InvalidateRefreshTokens = true
 	refreshReq.Body = io.NopCloser(bytes.NewReader(bs))
-	MakeRequest(t, refreshReq, 200)
+	MakeRequest(t, refreshReq, http.StatusOK)
 	refreshReq.Body = io.NopCloser(bytes.NewReader(bs))
-	MakeRequest(t, refreshReq, 400)
+	MakeRequest(t, refreshReq, http.StatusBadRequest)
 }
--- a/integrations/privateactivity_test.go
+++ b/integrations/privateactivity_test.go
@@ -53,7 +53,7 @@ func testPrivateActivityHelperEnablePrivateActivity(t *testing.T) {
 		"language":              "en-US",
 		"keep_activity_private": "1",
 	})
-	session.MakeRequest(t, req, http.StatusFound)
+	session.MakeRequest(t, req, http.StatusSeeOther)
 }
 func testPrivateActivityHelperHasVisibleActivitiesInHTMLDoc(htmlDoc *HTMLDoc) bool {
--- a/integrations/pull_create_test.go
+++ b/integrations/pull_create_test.go
@@ -38,7 +38,7 @@ func testPullCreate(t *testing.T, session *TestSession, user, repo, branch, titl
 		"_csrf": htmlDoc.GetCSRF(),
 		"title": title,
 	})
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	return resp
 }
@@ -130,7 +130,7 @@ func testDeleteRepository(t *testing.T, session *TestSession, ownerName, repoNam
 		"_csrf":     htmlDoc.GetCSRF(),
 		"repo_name": repoName,
 	})
-	session.MakeRequest(t, req, http.StatusFound)
+	session.MakeRequest(t, req, http.StatusSeeOther)
 }
 func TestPullBranchDelete(t *testing.T) {
@@ -139,7 +139,7 @@ func TestPullBranchDelete(t *testing.T) {
 		session := loginUser(t, "user1")
 		testRepoFork(t, session, "user2", "repo1", "user1", "repo1")
-		testCreateBranch(t, session, "user1", "repo1", "branch/master", "master1", http.StatusFound)
+		testCreateBranch(t, session, "user1", "repo1", "branch/master", "master1", http.StatusSeeOther)
 		testEditFile(t, session, "user1", "repo1", "master1", "README.md", "Hello, World (Edited)\n")
 		resp := testPullCreate(t, session, "user1", "repo1", "master1", "This is a pull title")
--- a/integrations/pull_merge_test.go
+++ b/integrations/pull_merge_test.go
@@ -42,7 +42,7 @@ func testPullMerge(t *testing.T, session *TestSession, user, repo, pullnum strin
 		"_csrf": htmlDoc.GetCSRF(),
 		"do":    string(mergeStyle),
 	})
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	return resp
 }
@@ -220,7 +220,7 @@ func TestCantMergeConflict(t *testing.T) {
 			Base:  "base",
 			Title: "create a conflicting pr",
 		})
-		session.MakeRequest(t, req, 201)
+		session.MakeRequest(t, req, http.StatusCreated)
 		// Now this PR will be marked conflict - or at least a race will do - so drop down to pure code at this point...
 		user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{
@@ -330,7 +330,7 @@ func TestCantMergeUnrelated(t *testing.T) {
 			Base:  "base",
 			Title: "create an unrelated pr",
 		})
-		session.MakeRequest(t, req, 201)
+		session.MakeRequest(t, req, http.StatusCreated)
 		// Now this PR could be marked conflict - or at least a race may occur - so drop down to pure code at this point...
 		gitRepo, err := git.OpenRepository(path)
--- a/integrations/pull_status_test.go
+++ b/integrations/pull_status_test.go
@@ -29,7 +29,7 @@ func TestPullCreate_CommitStatus(t *testing.T) {
 				"title": "pull request from status1",
 			},
 		)
-		session.MakeRequest(t, req, http.StatusFound)
+		session.MakeRequest(t, req, http.StatusSeeOther)
 		req = NewRequest(t, "GET", "/user1/repo1/pulls")
 		resp := session.MakeRequest(t, req, http.StatusOK)
@@ -108,7 +108,7 @@ func TestPullCreate_EmptyChangesWithCommits(t *testing.T) {
 				"title": "pull request from status1",
 			},
 		)
-		session.MakeRequest(t, req, http.StatusFound)
+		session.MakeRequest(t, req, http.StatusSeeOther)
 		req = NewRequest(t, "GET", "/user1/repo1/pulls/1")
 		resp := session.MakeRequest(t, req, http.StatusOK)
--- a/integrations/release_test.go
+++ b/integrations/release_test.go
@@ -43,7 +43,7 @@ func createNewRelease(t *testing.T, session *TestSession, repoURL, tag, title st
 	}
 	req = NewRequestWithValues(t, "POST", link, postData)
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	test.RedirectURL(resp) // check that redirect URL exists
 }
--- a/integrations/rename_branch_test.go
+++ b/integrations/rename_branch_test.go
@@ -27,7 +27,7 @@ func TestRenameBranch(t *testing.T) {
 		"to":    "main",
 	}
 	req = NewRequestWithValues(t, "POST", "/user2/repo1/settings/rename_branch", postData)
-	session.MakeRequest(t, req, http.StatusFound)
+	session.MakeRequest(t, req, http.StatusSeeOther)
 	// check new branch link
 	req = NewRequestWithValues(t, "GET", "/user2/repo1/src/branch/main/README.md", postData)
@@ -35,7 +35,7 @@ func TestRenameBranch(t *testing.T) {
 	// check old branch link
 	req = NewRequestWithValues(t, "GET", "/user2/repo1/src/branch/master/README.md", postData)
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	location := resp.HeaderMap.Get("Location")
 	assert.Equal(t, "/user2/repo1/src/branch/main/README.md", location)
--- a/integrations/repo_branch_test.go
+++ b/integrations/repo_branch_test.go
@@ -30,7 +30,7 @@ func testCreateBranch(t testing.TB, session *TestSession, user, repo, oldRefSubU
 		"new_branch_name": newBranchName,
 	})
 	resp := session.MakeRequest(t, req, expectedStatus)
-	if expectedStatus != http.StatusFound {
+	if expectedStatus != http.StatusSeeOther {
 		return ""
 	}
 	return test.RedirectURL(resp)
@@ -51,37 +51,37 @@ func testCreateBranches(t *testing.T, giteaURL *url.URL) {
 		{
 			OldRefSubURL:   "branch/master",
 			NewBranch:      "feature/test1",
-			ExpectedStatus: http.StatusFound,
+			ExpectedStatus: http.StatusSeeOther,
 			FlashMessage:   i18n.Tr("en", "repo.branch.create_success", "feature/test1"),
 		},
 		{
 			OldRefSubURL:   "branch/master",
 			NewBranch:      "",
-			ExpectedStatus: http.StatusFound,
+			ExpectedStatus: http.StatusSeeOther,
 			FlashMessage:   i18n.Tr("en", "form.NewBranchName") + i18n.Tr("en", "form.require_error"),
 		},
 		{
 			OldRefSubURL:   "branch/master",
 			NewBranch:      "feature=test1",
-			ExpectedStatus: http.StatusFound,
+			ExpectedStatus: http.StatusSeeOther,
 			FlashMessage:   i18n.Tr("en", "repo.branch.create_success", "feature=test1"),
 		},
 		{
 			OldRefSubURL:   "branch/master",
 			NewBranch:      strings.Repeat("b", 101),
-			ExpectedStatus: http.StatusFound,
+			ExpectedStatus: http.StatusSeeOther,
 			FlashMessage:   i18n.Tr("en", "form.NewBranchName") + i18n.Tr("en", "form.max_size_error", "100"),
 		},
 		{
 			OldRefSubURL:   "branch/master",
 			NewBranch:      "master",
-			ExpectedStatus: http.StatusFound,
+			ExpectedStatus: http.StatusSeeOther,
 			FlashMessage:   i18n.Tr("en", "repo.branch.branch_already_exists", "master"),
 		},
 		{
 			OldRefSubURL:   "branch/master",
 			NewBranch:      "master/test",
-			ExpectedStatus: http.StatusFound,
+			ExpectedStatus: http.StatusSeeOther,
 			FlashMessage:   i18n.Tr("en", "repo.branch.branch_name_conflict", "master/test", "master"),
 		},
 		{
@@ -92,21 +92,21 @@ func testCreateBranches(t *testing.T, giteaURL *url.URL) {
 		{
 			OldRefSubURL:   "commit/65f1bf27bc3bf70f64657658635e66094edbcb4d",
 			NewBranch:      "feature/test3",
-			ExpectedStatus: http.StatusFound,
+			ExpectedStatus: http.StatusSeeOther,
 			FlashMessage:   i18n.Tr("en", "repo.branch.create_success", "feature/test3"),
 		},
 		{
 			OldRefSubURL:   "branch/master",
 			NewBranch:      "v1.0.0",
 			CreateRelease:  "v1.0.0",
-			ExpectedStatus: http.StatusFound,
+			ExpectedStatus: http.StatusSeeOther,
 			FlashMessage:   i18n.Tr("en", "repo.branch.tag_collision", "v1.0.0"),
 		},
 		{
 			OldRefSubURL:   "tag/v1.0.0",
 			NewBranch:      "feature/test4",
 			CreateRelease:  "v1.0.1",
-			ExpectedStatus: http.StatusFound,
+			ExpectedStatus: http.StatusSeeOther,
 			FlashMessage:   i18n.Tr("en", "repo.branch.create_success", "feature/test4"),
 		},
 	}
@@ -116,7 +116,7 @@ func testCreateBranches(t *testing.T, giteaURL *url.URL) {
 			createNewRelease(t, session, "/user2/repo1", test.CreateRelease, test.CreateRelease, false, false)
 		}
 		redirectURL := testCreateBranch(t, session, "user2", "repo1", test.OldRefSubURL, test.NewBranch, test.ExpectedStatus)
-		if test.ExpectedStatus == http.StatusFound {
+		if test.ExpectedStatus == http.StatusSeeOther {
 			req := NewRequest(t, "GET", redirectURL)
 			resp := session.MakeRequest(t, req, http.StatusOK)
 			htmlDoc := NewHTMLParser(t, resp.Body)
@@ -135,7 +135,7 @@ func TestCreateBranchInvalidCSRF(t *testing.T) {
 		"_csrf":           "fake_csrf",
 		"new_branch_name": "test",
 	})
-	resp := session.MakeRequest(t, req, http.StatusFound)
+	resp := session.MakeRequest(t, req, http.StatusSeeOther)
 	loc := resp.Header().Get("Location")
 	assert.Equal(t, setting.AppSubURL+"/", loc)
 	resp = session.MakeRequest(t, NewRequest(t, "GET", loc), http.StatusOK)
--- a/integrations/repo_fork_test.go
+++ b/integrations/repo_fork_test.go
@@ -45,7 +45,7 @@ func testRepoFork(t *testing.T, session *TestSession, ownerName, repoName, forkO
 		"uid":       fmt.Sprintf("%d", forkOwner.ID),
 		"repo_name": forkRepoName,
 	})
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	// Step4: check the existence of the forked repo
 	req = NewRequestf(t, "GET", "/%s/%s", forkOwnerName, forkRepoName)
--- a/integrations/repo_generate_test.go
+++ b/integrations/repo_generate_test.go
@@ -46,7 +46,7 @@ func testRepoGenerate(t *testing.T, session *TestSession, templateOwnerName, tem
 		"repo_name":   generateRepoName,
 		"git_content": "true",
 	})
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	// Step4: check the existence of the generated repo
 	req = NewRequestf(t, "GET", "/%s/%s", generateOwnerName, generateRepoName)
--- a/integrations/repo_migrate_test.go
+++ b/integrations/repo_migrate_test.go
@@ -33,7 +33,7 @@ func testRepoMigrate(t testing.TB, session *TestSession, cloneAddr, repoName str
 		"repo_name":  repoName,
 		"service":    fmt.Sprintf("%d", structs.PlainGitService),
 	})
-	resp = session.MakeRequest(t, req, http.StatusFound)
+	resp = session.MakeRequest(t, req, http.StatusSeeOther)
 	return resp
 }
--- a/integrations/setting_test.go
+++ b/integrations/setting_test.go
@@ -90,17 +90,17 @@ func TestSettingLandingPage(t *testing.T) {
 	setting.LandingPageURL = setting.LandingPageExplore
 	req = NewRequest(t, "GET", "/")
-	resp := MakeRequest(t, req, http.StatusFound)
+	resp := MakeRequest(t, req, http.StatusSeeOther)
 	assert.Equal(t, "/explore", resp.Header().Get("Location"))
 	setting.LandingPageURL = setting.LandingPageOrganizations
 	req = NewRequest(t, "GET", "/")
-	resp = MakeRequest(t, req, http.StatusFound)
+	resp = MakeRequest(t, req, http.StatusSeeOther)
 	assert.Equal(t, "/explore/organizations", resp.Header().Get("Location"))
 	setting.LandingPageURL = setting.LandingPageLogin
 	req = NewRequest(t, "GET", "/")
-	resp = MakeRequest(t, req, http.StatusFound)
+	resp = MakeRequest(t, req, http.StatusSeeOther)
 	assert.Equal(t, "/user/login", resp.Header().Get("Location"))
 	setting.LandingPageURL = landingPage
--- a/integrations/signout_test.go
+++ b/integrations/signout_test.go
@@ -15,7 +15,7 @@ func TestSignOut(t *testing.T) {
 	session := loginUser(t, "user2")
 	req := NewRequest(t, "POST", "/user/logout")
-	session.MakeRequest(t, req, http.StatusFound)
+	session.MakeRequest(t, req, http.StatusSeeOther)
 	// try to view a private repo, should fail
 	req = NewRequest(t, "GET", "/user2/repo2")
--- a/integrations/signup_test.go
+++ b/integrations/signup_test.go
@@ -29,7 +29,7 @@ func TestSignup(t *testing.T) {
 		"password":  "examplePassword!1",
 		"retype":    "examplePassword!1",
 	})
-	MakeRequest(t, req, http.StatusFound)
+	MakeRequest(t, req, http.StatusSeeOther)
 	// should be able to view new user's page
 	req = NewRequest(t, "GET", "/exampleUser")
@@ -48,7 +48,7 @@ func TestSignupAsRestricted(t *testing.T) {
 		"password":  "examplePassword!1",
 		"retype":    "examplePassword!1",
 	})
-	MakeRequest(t, req, http.StatusFound)
+	MakeRequest(t, req, http.StatusSeeOther)
 	// should be able to view new user's page
 	req = NewRequest(t, "GET", "/restrictedUser")
@@ -71,7 +71,7 @@ func TestSignupEmail(t *testing.T) {
 		{"exampleUser@example.com\r\n", http.StatusOK, i18n.Tr("en", "form.email_invalid", nil)},
 		{"exampleUser@example.com\r", http.StatusOK, i18n.Tr("en", "form.email_invalid", nil)},
 		{"exampleUser@example.com\n", http.StatusOK, i18n.Tr("en", "form.email_invalid", nil)},
-		{"exampleUser@example.com", http.StatusFound, ""},
+		{"exampleUser@example.com", http.StatusSeeOther, ""},
 	}
 	for i, test := range tests {
--- a/integrations/user_avatar_test.go
+++ b/integrations/user_avatar_test.go
@@ -70,7 +70,7 @@ func TestUserAvatar(t *testing.T) {
 		req.Header.Add("X-Csrf-Token", csrf)
 		req.Header.Add("Content-Type", writer.FormDataContentType())
-		session.MakeRequest(t, req, http.StatusFound)
+		session.MakeRequest(t, req, http.StatusSeeOther)
 		user2 = unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}).(*user_model.User) // owner of the repo3, is an org
--- a/integrations/user_test.go
+++ b/integrations/user_test.go
@@ -33,7 +33,7 @@ func TestRenameUsername(t *testing.T) {
 		"email":    "user2@example.com",
 		"language": "en-US",
 	})
-	session.MakeRequest(t, req, http.StatusFound)
+	session.MakeRequest(t, req, http.StatusSeeOther)
 	unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "newUsername"})
 	unittest.AssertNotExistsBean(t, &user_model.User{Name: "user2"})
@@ -103,7 +103,7 @@ func TestRenameReservedUsername(t *testing.T) {
 			"email":    "user2@example.com",
 			"language": "en-US",
 		})
-		resp := session.MakeRequest(t, req, http.StatusFound)
+		resp := session.MakeRequest(t, req, http.StatusSeeOther)
 		req = NewRequest(t, "GET", test.RedirectURL(resp))
 		resp = session.MakeRequest(t, req, http.StatusOK)
--- a/integrations/xss_test.go
+++ b/integrations/xss_test.go
@@ -27,7 +27,7 @@ func TestXSSUserFullName(t *testing.T) {
 		"email":     user.Email,
 		"language":  "en-US",
 	})
-	session.MakeRequest(t, req, http.StatusFound)
+	session.MakeRequest(t, req, http.StatusSeeOther)
 	req = NewRequestf(t, "GET", "/%s", user.Name)
 	resp := session.MakeRequest(t, req, http.StatusOK)
--- a/modules/context/api.go
+++ b/modules/context/api.go
@@ -214,7 +214,7 @@ func (ctx *APIContext) RequireCSRF() {
 	if len(headerToken) > 0 || len(formValueToken) > 0 {
 		Validate(ctx.Context, ctx.csrf)
 	} else {
-		ctx.Context.Error(401, "Missing CSRF token.")
+		ctx.Context.Error(http.StatusUnauthorized, "Missing CSRF token.")
 	}
 }
@@ -239,7 +239,7 @@ func (ctx *APIContext) CheckForOTP() {
 		return
 	}
 	if !ok {
-		ctx.Context.Error(401)
+		ctx.Context.Error(http.StatusUnauthorized)
 		return
 	}
 }
--- a/modules/context/context.go
+++ b/modules/context/context.go
@@ -139,7 +139,7 @@ func RedirectToUser(ctx *Context, userName string, redirectUserID int64) {
 	if ctx.Req.URL.RawQuery != "" {
 		redirectPath += "?" + ctx.Req.URL.RawQuery
 	}
-	ctx.Redirect(path.Join(setting.AppSubURL, redirectPath))
+	ctx.Redirect(path.Join(setting.AppSubURL, redirectPath), http.StatusTemporaryRedirect)
 }
 // HasAPIError returns true if error occurs in form validation.
@@ -215,7 +215,7 @@ func (ctx *Context) HTML(status int, name base.TplName) {
 // RenderToString renders the template content to a string
 func (ctx *Context) RenderToString(name base.TplName, data map[string]interface{}) (string, error) {
 	var buf strings.Builder
-	err := ctx.Render.HTML(&buf, 200, string(name), data)
+	err := ctx.Render.HTML(&buf, http.StatusOK, string(name), data)
 	return buf.String(), err
 }
@@ -397,7 +397,7 @@ func (ctx *Context) JSON(status int, content interface{}) {
 // Redirect redirects the request
 func (ctx *Context) Redirect(location string, status ...int) {
-	code := http.StatusFound
+	code := http.StatusSeeOther
 	if len(status) == 1 {
 		code = status[0]
 	}
--- a/modules/context/repo.go
+++ b/modules/context/repo.go
@@ -335,7 +335,7 @@ func RedirectToRepo(ctx *Context, redirectRepoID int64) {
 	if ctx.Req.URL.RawQuery != "" {
 		redirectPath += "?" + ctx.Req.URL.RawQuery
 	}
-	ctx.Redirect(path.Join(setting.AppSubURL, redirectPath))
+	ctx.Redirect(path.Join(setting.AppSubURL, redirectPath), http.StatusTemporaryRedirect)
 }
 func repoAssignment(ctx *Context, repo *repo_model.Repository) {
--- a/modules/lfs/http_client_test.go
+++ b/modules/lfs/http_client_test.go
@@ -81,7 +81,7 @@ func lfsTestRoundtripHandler(req *http.Request) *http.Response {
 			Objects: []*ObjectResponse{
 				{
 					Error: &ObjectError{
-						Code:    404,
+						Code:    http.StatusNotFound,
 						Message: "Object not found",
 					},
 				},
--- a/modules/private/restore_repo.go
+++ b/modules/private/restore_repo.go
@@ -45,7 +45,7 @@ func RestoreRepo(ctx context.Context, repoDir, ownerName, repoName string, units
 	}
 	defer resp.Body.Close()
-	if resp.StatusCode != 200 {
+	if resp.StatusCode != http.StatusOK {
 		ret := struct {
 			Err string `json:"err"`
 		}{}
--- a/modules/web/route_test.go
+++ b/modules/web/route_test.go
@@ -67,7 +67,7 @@ func TestRoute2(t *testing.T) {
 				route = 1
 			})
 		}, func(resp http.ResponseWriter, req *http.Request) {
-			resp.WriteHeader(200)
+			resp.WriteHeader(http.StatusOK)
 		})
 		r.Group("/issues/{index}", func() {
--- a/routers/api/v1/org/member.go
+++ b/routers/api/v1/org/member.go
@@ -130,7 +130,7 @@ func IsMember(ctx *context.APIContext) {
 	// responses:
 	//   "204":
 	//     description: user is a member
-	//   "302":
+	//   "303":
 	//     description: redirection to /orgs/{org}/public_members/{username}
 	//   "404":
 	//     description: user is not a member
@@ -161,7 +161,7 @@ func IsMember(ctx *context.APIContext) {
 	}
 	redirectURL := setting.AppSubURL + "/api/v1/orgs/" + url.PathEscape(ctx.Org.Organization.Name) + "/public_members/" + url.PathEscape(userToCheck.Name)
-	ctx.Redirect(redirectURL, 302)
+	ctx.Redirect(redirectURL)
 }
 // IsPublicMember check if a user is a public member of an organization
--- a/routers/api/v1/repo/issue_tracked_time.go
+++ b/routers/api/v1/repo/issue_tracked_time.go
@@ -288,7 +288,7 @@ func ResetIssueTime(ctx *context.APIContext) {
 		}
 		return
 	}
-	ctx.Status(204)
+	ctx.Status(http.StatusNoContent)
 }
 // DeleteTime delete a specific time by id
--- a/routers/common/middleware.go
+++ b/routers/common/middleware.go
@@ -70,9 +70,9 @@ func Middlewares() []func(http.Handler) http.Handler {
 					combinedErr := fmt.Sprintf("PANIC: %v\n%s", err, log.Stack(2))
 					log.Error("%v", combinedErr)
 					if setting.IsProd {
-						http.Error(resp, http.StatusText(500), 500)
+						http.Error(resp, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
 					} else {
-						http.Error(resp, combinedErr, 500)
+						http.Error(resp, combinedErr, http.StatusInternalServerError)
 					}
 				}
 			}()
--- a/routers/install/install.go
+++ b/routers/install/install.go
@@ -59,7 +59,7 @@ func Init(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) {
 		if setting.InstallLock {
 			resp.Header().Add("Refresh", "1; url="+setting.AppURL+"user/login")
-			_ = rnd.HTML(resp, 200, string(tplPostInstall), nil)
+			_ = rnd.HTML(resp, http.StatusOK, string(tplPostInstall), nil)
 			return
 		}
 		locale := middleware.Locale(resp, req)
--- a/routers/install/routes.go
+++ b/routers/install/routes.go
@@ -41,9 +41,9 @@ func installRecovery() func(next http.Handler) http.Handler {
 						combinedErr := fmt.Sprintf("PANIC: %v\n%s", err, log.Stack(2))
 						log.Error("%s", combinedErr)
 						if setting.IsProd {
-							http.Error(w, http.StatusText(500), 500)
+							http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
 						} else {
-							http.Error(w, combinedErr, 500)
+							http.Error(w, combinedErr, http.StatusInternalServerError)
 						}
 					}
 				}()
@@ -66,7 +66,7 @@ func installRecovery() func(next http.Handler) http.Handler {
 					if !setting.IsProd {
 						store["ErrorMsg"] = combinedErr
 					}
-					err = rnd.HTML(w, 500, "status/500", templates.BaseVars().Merge(store))
+					err = rnd.HTML(w, http.StatusInternalServerError, "status/500", templates.BaseVars().Merge(store))
 					if err != nil {
 						log.Error("%v", err)
 					}
--- a/routers/web/admin/admin.go
+++ b/routers/web/admin/admin.go
@@ -346,7 +346,7 @@ func Queue(ctx *context.Context) {
 	qid := ctx.ParamsInt64("qid")
 	mq := queue.GetManager().GetManagedQueue(qid)
 	if mq == nil {
-		ctx.Status(404)
+		ctx.Status(http.StatusNotFound)
 		return
 	}
 	ctx.Data["Title"] = ctx.Tr("admin.monitor.queue", mq.Name)
@@ -361,7 +361,7 @@ func WorkerCancel(ctx *context.Context) {
 	qid := ctx.ParamsInt64("qid")
 	mq := queue.GetManager().GetManagedQueue(qid)
 	if mq == nil {
-		ctx.Status(404)
+		ctx.Status(http.StatusNotFound)
 		return
 	}
 	pid := ctx.ParamsInt64("pid")
@@ -377,7 +377,7 @@ func Flush(ctx *context.Context) {
 	qid := ctx.ParamsInt64("qid")
 	mq := queue.GetManager().GetManagedQueue(qid)
 	if mq == nil {
-		ctx.Status(404)
+		ctx.Status(http.StatusNotFound)
 		return
 	}
 	timeout, err := time.ParseDuration(ctx.FormString("timeout"))
@@ -423,7 +423,7 @@ func AddWorkers(ctx *context.Context) {
 	qid := ctx.ParamsInt64("qid")
 	mq := queue.GetManager().GetManagedQueue(qid)
 	if mq == nil {
-		ctx.Status(404)
+		ctx.Status(http.StatusNotFound)
 		return
 	}
 	number := ctx.FormInt("number")
@@ -453,7 +453,7 @@ func SetQueueSettings(ctx *context.Context) {
 	qid := ctx.ParamsInt64("qid")
 	mq := queue.GetManager().GetManagedQueue(qid)
 	if mq == nil {
-		ctx.Status(404)
+		ctx.Status(http.StatusNotFound)
 		return
 	}
 	if _, ok := mq.Managed.(queue.ManagedPool); !ok {
--- a/routers/web/admin/notice.go
+++ b/routers/web/admin/notice.go
@@ -59,10 +59,10 @@ func DeleteNotices(ctx *context.Context) {
 	if err := admin_model.DeleteNoticesByIDs(ids); err != nil {
 		ctx.Flash.Error("DeleteNoticesByIDs: " + err.Error())
-		ctx.Status(500)
+		ctx.Status(http.StatusInternalServerError)
 	} else {
 		ctx.Flash.Success(ctx.Tr("admin.notices.delete_success"))
-		ctx.Status(200)
+		ctx.Status(http.StatusOK)
 	}
 }
--- a/routers/web/auth/oauth.go
+++ b/routers/web/auth/oauth.go
@@ -462,7 +462,7 @@ func AuthorizeOAuth(ctx *context.Context) {
 				log.Error("Unable to update nonce: %v", err)
 			}
 		}
-		ctx.Redirect(redirect.String(), 302)
+		ctx.Redirect(redirect.String())
 		return
 	}
@@ -544,7 +544,7 @@ func GrantApplicationOAuth(ctx *context.Context) {
 		handleServerError(ctx, form.State, form.RedirectURI)
 		return
 	}
-	ctx.Redirect(redirect.String(), 302)
+	ctx.Redirect(redirect.String(), http.StatusSeeOther)
 }
 // OIDCWellKnown generates JSON so OIDC clients know Gitea's capabilities
@@ -752,7 +752,7 @@ func handleAuthorizeError(ctx *context.Context, authErr AuthorizeError, redirect
 	if redirectURI == "" {
 		log.Warn("Authorization failed: %v", authErr.ErrorDescription)
 		ctx.Data["Error"] = authErr
-		ctx.HTML(400, tplGrantError)
+		ctx.HTML(http.StatusBadRequest, tplGrantError)
 		return
 	}
 	redirect, err := url.Parse(redirectURI)
@@ -765,7 +765,7 @@ func handleAuthorizeError(ctx *context.Context, authErr AuthorizeError, redirect
 	q.Set("error_description", authErr.ErrorDescription)
 	q.Set("state", authErr.State)
 	redirect.RawQuery = q.Encode()
-	ctx.Redirect(redirect.String(), 302)
+	ctx.Redirect(redirect.String(), http.StatusSeeOther)
 }
 // SignInOAuth handles the OAuth2 login buttons
--- a/routers/web/auth/webauthn.go
+++ b/routers/web/auth/webauthn.go
@@ -39,7 +39,7 @@ func WebAuthn(ctx *context.Context) {
 		return
 	}
-	ctx.HTML(200, tplWebAuthn)
+	ctx.HTML(http.StatusOK, tplWebAuthn)
 }
 // WebAuthnLoginAssertion submits a WebAuthn challenge to the browser
@@ -166,5 +166,5 @@ func WebAuthnLoginAssertionPost(ctx *context.Context) {
 		}
 	}
-	ctx.JSON(200, map[string]string{"redirect": redirect})
+	ctx.JSON(http.StatusOK, map[string]string{"redirect": redirect})
 }
--- a/routers/web/base.go
+++ b/routers/web/base.go
@@ -50,11 +50,11 @@ func storageHandler(storageSetting setting.Storage, prefix string, objStore stor
 				if err != nil {
 					if os.IsNotExist(err) || errors.Is(err, os.ErrNotExist) {
 						log.Warn("Unable to find %s %s", prefix, rPath)
-						http.Error(w, "file not found", 404)
+						http.Error(w, "file not found", http.StatusNotFound)
 						return
 					}
 					log.Error("Error whilst getting URL for %s %s. Error: %v", prefix, rPath, err)
-					http.Error(w, fmt.Sprintf("Error whilst getting URL for %s %s", prefix, rPath), 500)
+					http.Error(w, fmt.Sprintf("Error whilst getting URL for %s %s", prefix, rPath), http.StatusInternalServerError)
 					return
 				}
@@ -62,7 +62,7 @@ func storageHandler(storageSetting setting.Storage, prefix string, objStore stor
 					w,
 					req,
 					u.String(),
-					http.StatusMovedPermanently,
+					http.StatusPermanentRedirect,
 				)
 			})
 		}
@@ -82,7 +82,7 @@ func storageHandler(storageSetting setting.Storage, prefix string, objStore stor
 			rPath := strings.TrimPrefix(req.URL.Path, "/"+prefix+"/")
 			rPath = path.Clean("/" + strings.ReplaceAll(rPath, "\\", "/"))[1:]
 			if rPath == "" {
-				http.Error(w, "file not found", 404)
+				http.Error(w, "file not found", http.StatusNotFound)
 				return
 			}
@@ -96,11 +96,11 @@ func storageHandler(storageSetting setting.Storage, prefix string, objStore stor
 			if err != nil {
 				if os.IsNotExist(err) || errors.Is(err, os.ErrNotExist) {
 					log.Warn("Unable to find %s %s", prefix, rPath)
-					http.Error(w, "file not found", 404)
+					http.Error(w, "file not found", http.StatusNotFound)
 					return
 				}
 				log.Error("Error whilst opening %s %s. Error: %v", prefix, rPath, err)
-				http.Error(w, fmt.Sprintf("Error whilst opening %s %s", prefix, rPath), 500)
+				http.Error(w, fmt.Sprintf("Error whilst opening %s %s", prefix, rPath), http.StatusInternalServerError)
 				return
 			}
 			defer fr.Close()
@@ -108,7 +108,7 @@ func storageHandler(storageSetting setting.Storage, prefix string, objStore stor
 			_, err = io.Copy(w, fr)
 			if err != nil {
 				log.Error("Error whilst rendering %s %s. Error: %v", prefix, rPath, err)
-				http.Error(w, fmt.Sprintf("Error whilst rendering %s %s", prefix, rPath), 500)
+				http.Error(w, fmt.Sprintf("Error whilst rendering %s %s", prefix, rPath), http.StatusInternalServerError)
 				return
 			}
 		})
@@ -163,7 +163,7 @@ func Recovery() func(next http.Handler) http.Handler {
 					if !setting.IsProd {
 						store["ErrorMsg"] = combinedErr
 					}
-					err = rnd.HTML(w, 500, "status/500", templates.BaseVars().Merge(store))
+					err = rnd.HTML(w, http.StatusInternalServerError, "status/500", templates.BaseVars().Merge(store))
 					if err != nil {
 						log.Error("%v", err)
 					}
--- a/routers/web/explore/code.go
+++ b/routers/web/explore/code.go
@@ -24,7 +24,7 @@ const (
 // Code render explore code page
 func Code(ctx *context.Context) {
 	if !setting.Indexer.RepoIndexerEnabled {
-		ctx.Redirect(setting.AppSubURL+"/explore", 302)
+		ctx.Redirect(setting.AppSubURL + "/explore")
 		return
 	}
--- a/routers/web/goget.go
+++ b/routers/web/goget.go
@@ -48,7 +48,7 @@ func goGet(ctx *context.Context) {
 	</body>
 </html>
 `))
-		ctx.Status(400)
+		ctx.Status(http.StatusBadRequest)
 		return
 	}
 	branchName := setting.Repository.DefaultBranch
--- a/routers/web/metrics.go
+++ b/routers/web/metrics.go
@@ -21,13 +21,13 @@ func Metrics(resp http.ResponseWriter, req *http.Request) {
 	}
 	header := req.Header.Get("Authorization")
 	if header == "" {
-		http.Error(resp, "", 401)
+		http.Error(resp, "", http.StatusUnauthorized)
 		return
 	}
 	got := []byte(header)
 	want := []byte("Bearer " + setting.Metrics.Token)
 	if subtle.ConstantTimeCompare(got, want) != 1 {
-		http.Error(resp, "", 401)
+		http.Error(resp, "", http.StatusUnauthorized)
 		return
 	}
 	promhttp.Handler().ServeHTTP(resp, req)
--- a/routers/web/repo/editor.go
+++ b/routers/web/repo/editor.go
@@ -780,7 +780,7 @@ func UploadFileToServer(ctx *context.Context) {
 func RemoveUploadFileFromServer(ctx *context.Context) {
 	form := web.GetForm(ctx).(*forms.RemoveUploadFileForm)
 	if len(form.File) == 0 {
-		ctx.Status(204)
+		ctx.Status(http.StatusNoContent)
 		return
 	}
@@ -790,7 +790,7 @@ func RemoveUploadFileFromServer(ctx *context.Context) {
 	}
 	log.Trace("Upload file removed: %s", form.File)
-	ctx.Status(204)
+	ctx.Status(http.StatusNoContent)
 }
 // GetUniquePatchBranchName Gets a unique branch name for a new patch branch
--- a/routers/web/repo/issue.go
+++ b/routers/web/repo/issue.go
@@ -1931,7 +1931,7 @@ func UpdatePullReviewRequest(ctx *context.Context) {
 	// TODO: Not support 'clear' now
 	if action != "attach" && action != "detach" {
-		ctx.Status(403)
+		ctx.Status(http.StatusForbidden)
 		return
 	}
@@ -1946,7 +1946,7 @@ func UpdatePullReviewRequest(ctx *context.Context) {
 				"UpdatePullReviewRequest: refusing to add review request for non-PR issue %-v#%d",
 				issue.Repo, issue.Index,
 			)
-			ctx.Status(403)
+			ctx.Status(http.StatusForbidden)
 			return
 		}
 		if reviewID < 0 {
@@ -1961,7 +1961,7 @@ func UpdatePullReviewRequest(ctx *context.Context) {
 					"UpdatePullReviewRequest: refusing to add team review request for %s#%d owned by non organization UID[%d]",
 					issue.Repo.FullName(), issue.Index, issue.Repo.ID,
 				)
-				ctx.Status(403)
+				ctx.Status(http.StatusForbidden)
 				return
 			}
@@ -1975,7 +1975,7 @@ func UpdatePullReviewRequest(ctx *context.Context) {
 				log.Warn(
 					"UpdatePullReviewRequest: refusing to add team review request for UID[%d] team %s to %s#%d owned by UID[%d]",
 					team.OrgID, team.Name, issue.Repo.FullName(), issue.Index, issue.Repo.ID)
-				ctx.Status(403)
+				ctx.Status(http.StatusForbidden)
 				return
 			}
@@ -1987,7 +1987,7 @@ func UpdatePullReviewRequest(ctx *context.Context) {
 						team.OrgID, team.Name, issue.Repo.FullName(), issue.Index, issue.Repo.ID,
 						err,
 					)
-					ctx.Status(403)
+					ctx.Status(http.StatusForbidden)
 					return
 				}
 				ctx.ServerError("IsValidTeamReviewRequest", err)
@@ -2010,7 +2010,7 @@ func UpdatePullReviewRequest(ctx *context.Context) {
 					reviewID, issue.Repo, issue.Index,
 					err,
 				)
-				ctx.Status(403)
+				ctx.Status(http.StatusForbidden)
 				return
 			}
 			ctx.ServerError("GetUserByID", err)
@@ -2025,7 +2025,7 @@ func UpdatePullReviewRequest(ctx *context.Context) {
 					reviewer, issue.Repo, issue.Index,
 					err,
 				)
-				ctx.Status(403)
+				ctx.Status(http.StatusForbidden)
 				return
 			}
 			ctx.ServerError("isValidReviewRequest", err)
@@ -2117,7 +2117,7 @@ func NewComment(ctx *context.Context) {
 	if issue.IsLocked && !ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) && !ctx.Doer.IsAdmin {
 		ctx.Flash.Error(ctx.Tr("repo.issues.comment_on_locked"))
-		ctx.Redirect(issue.HTMLURL(), http.StatusSeeOther)
+		ctx.Redirect(issue.HTMLURL())
 		return
 	}
@@ -2170,10 +2170,10 @@ func NewComment(ctx *context.Context) {
 					if models.IsErrDependenciesLeft(err) {
 						if issue.IsPull {
 							ctx.Flash.Error(ctx.Tr("repo.issues.dependency.pr_close_blocked"))
-							ctx.Redirect(fmt.Sprintf("%s/pulls/%d", ctx.Repo.RepoLink, issue.Index), http.StatusSeeOther)
+							ctx.Redirect(fmt.Sprintf("%s/pulls/%d", ctx.Repo.RepoLink, issue.Index))
 						} else {
 							ctx.Flash.Error(ctx.Tr("repo.issues.dependency.issue_close_blocked"))
-							ctx.Redirect(fmt.Sprintf("%s/issues/%d", ctx.Repo.RepoLink, issue.Index), http.StatusSeeOther)
+							ctx.Redirect(fmt.Sprintf("%s/issues/%d", ctx.Repo.RepoLink, issue.Index))
 						}
 						return
 					}
@@ -2306,7 +2306,7 @@ func DeleteComment(ctx *context.Context) {
 		return
 	}
-	ctx.Status(200)
+	ctx.Status(http.StatusOK)
 }
 // ChangeIssueReaction create a reaction for issue
--- a/routers/web/repo/issue_dependency.go
+++ b/routers/web/repo/issue_dependency.go
@@ -35,7 +35,7 @@ func AddDependency(ctx *context.Context) {
 	}
 	// Redirect
-	defer ctx.Redirect(issue.HTMLURL(), http.StatusSeeOther)
+	defer ctx.Redirect(issue.HTMLURL())
 	// Dependency
 	dep, err := models.GetIssueByID(depID)
@@ -125,5 +125,5 @@ func RemoveDependency(ctx *context.Context) {
 	}
 	// Redirect
-	ctx.Redirect(issue.HTMLURL(), http.StatusSeeOther)
+	ctx.Redirect(issue.HTMLURL())
 }
--- a/routers/web/repo/issue_label_test.go
+++ b/routers/web/repo/issue_label_test.go
@@ -36,7 +36,7 @@ func TestInitializeLabels(t *testing.T) {
 	test.LoadRepo(t, ctx, 2)
 	web.SetForm(ctx, &forms.InitializeLabelsForm{TemplateName: "Default"})
 	InitializeLabels(ctx)
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	unittest.AssertExistsAndLoadBean(t, &models.Label{
 		RepoID: 2,
 		Name:   "enhancement",
@@ -82,7 +82,7 @@ func TestNewLabel(t *testing.T) {
 		Color: "#abcdef",
 	})
 	NewLabel(ctx)
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	unittest.AssertExistsAndLoadBean(t, &models.Label{
 		Name:  "newlabel",
 		Color: "#abcdef",
@@ -101,7 +101,7 @@ func TestUpdateLabel(t *testing.T) {
 		Color: "#abcdef",
 	})
 	UpdateLabel(ctx)
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	unittest.AssertExistsAndLoadBean(t, &models.Label{
 		ID:    2,
 		Name:  "newnameforlabel",
--- a/routers/web/repo/issue_lock.go
+++ b/routers/web/repo/issue_lock.go
@@ -5,8 +5,6 @@
 package repo
 import (
 	"net/http"
 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/web"
@@ -43,7 +41,7 @@ func LockIssue(ctx *context.Context) {
 		return
 	}
-	ctx.Redirect(issue.HTMLURL(), http.StatusSeeOther)
+	ctx.Redirect(issue.HTMLURL())
 }
 // UnlockIssue unlocks a previously locked issue.
@@ -67,5 +65,5 @@ func UnlockIssue(ctx *context.Context) {
 		return
 	}
-	ctx.Redirect(issue.HTMLURL(), http.StatusSeeOther)
+	ctx.Redirect(issue.HTMLURL())
 }
--- a/routers/web/repo/issue_watch.go
+++ b/routers/web/repo/issue_watch.go
@@ -53,5 +53,5 @@ func IssueWatch(ctx *context.Context) {
 		return
 	}
-	ctx.Redirect(issue.HTMLURL(), http.StatusSeeOther)
+	ctx.Redirect(issue.HTMLURL())
 }
--- a/routers/web/repo/search.go
+++ b/routers/web/repo/search.go
@@ -18,7 +18,7 @@ const tplSearch base.TplName = "repo/search"
 // Search render repository search page
 func Search(ctx *context.Context) {
 	if !setting.Indexer.RepoIndexerEnabled {
-		ctx.Redirect(ctx.Repo.RepoLink, 302)
+		ctx.Redirect(ctx.Repo.RepoLink)
 		return
 	}
 	language := ctx.FormTrim("l")
--- a/routers/web/repo/setting_protected_branch.go
+++ b/routers/web/repo/setting_protected_branch.go
@@ -73,7 +73,7 @@ func ProtectedBranchPost(ctx *context.Context) {
 		branch := ctx.FormString("branch")
 		if !ctx.Repo.GitRepo.IsBranchExist(branch) {
-			ctx.Status(404)
+			ctx.Status(http.StatusNotFound)
 			return
 		} else if repo.DefaultBranch != branch {
 			repo.DefaultBranch = branch
--- a/routers/web/repo/settings_test.go
+++ b/routers/web/repo/settings_test.go
@@ -60,7 +60,7 @@ func TestAddReadOnlyDeployKey(t *testing.T) {
 	}
 	web.SetForm(ctx, &addKeyForm)
 	DeployKeysPost(ctx)
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	unittest.AssertExistsAndLoadBean(t, &asymkey_model.DeployKey{
 		Name:    addKeyForm.Title,
@@ -90,7 +90,7 @@ func TestAddReadWriteOnlyDeployKey(t *testing.T) {
 	}
 	web.SetForm(ctx, &addKeyForm)
 	DeployKeysPost(ctx)
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	unittest.AssertExistsAndLoadBean(t, &asymkey_model.DeployKey{
 		Name:    addKeyForm.Title,
@@ -127,7 +127,7 @@ func TestCollaborationPost(t *testing.T) {
 	CollaborationPost(ctx)
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	exists, err := models.IsCollaborator(re.ID, 4)
 	assert.NoError(t, err)
@@ -153,7 +153,7 @@ func TestCollaborationPost_InactiveUser(t *testing.T) {
 	CollaborationPost(ctx)
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
@@ -185,7 +185,7 @@ func TestCollaborationPost_AddCollaboratorTwice(t *testing.T) {
 	CollaborationPost(ctx)
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	exists, err := models.IsCollaborator(re.ID, 4)
 	assert.NoError(t, err)
@@ -194,7 +194,7 @@ func TestCollaborationPost_AddCollaboratorTwice(t *testing.T) {
 	// Try adding the same collaborator again
 	CollaborationPost(ctx)
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
@@ -216,7 +216,7 @@ func TestCollaborationPost_NonExistentUser(t *testing.T) {
 	CollaborationPost(ctx)
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
@@ -256,7 +256,7 @@ func TestAddTeamPost(t *testing.T) {
 	AddTeamPost(ctx)
 	assert.True(t, team.HasRepository(re.ID))
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	assert.Empty(t, ctx.Flash.ErrorMsg)
 }
@@ -296,7 +296,7 @@ func TestAddTeamPost_NotAllowed(t *testing.T) {
 	AddTeamPost(ctx)
 	assert.False(t, team.HasRepository(re.ID))
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
@@ -337,7 +337,7 @@ func TestAddTeamPost_AddTeamTwice(t *testing.T) {
 	AddTeamPost(ctx)
 	assert.True(t, team.HasRepository(re.ID))
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
@@ -370,7 +370,7 @@ func TestAddTeamPost_NonExistentTeam(t *testing.T) {
 	ctx.Repo = repo
 	AddTeamPost(ctx)
-	assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+	assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	assert.NotEmpty(t, ctx.Flash.ErrorMsg)
 }
--- a/routers/web/repo/webhook.go
+++ b/routers/web/repo/webhook.go
@@ -1241,7 +1241,7 @@ func TestWebhook(ctx *context.Context) {
 	w, err := webhook.GetWebhookByRepoID(ctx.Repo.Repository.ID, hookID)
 	if err != nil {
 		ctx.Flash.Error("GetWebhookByID: " + err.Error())
-		ctx.Status(500)
+		ctx.Status(http.StatusInternalServerError)
 		return
 	}
@@ -1285,10 +1285,10 @@ func TestWebhook(ctx *context.Context) {
 	}
 	if err := webhook_service.PrepareWebhook(w, ctx.Repo.Repository, webhook.HookEventPush, p); err != nil {
 		ctx.Flash.Error("PrepareWebhook: " + err.Error())
-		ctx.Status(500)
+		ctx.Status(http.StatusInternalServerError)
 	} else {
 		ctx.Flash.Info(ctx.Tr("repo.settings.webhook.delivery.success"))
-		ctx.Status(200)
+		ctx.Status(http.StatusOK)
 	}
 }
--- a/routers/web/repo/wiki_test.go
+++ b/routers/web/repo/wiki_test.go
@@ -124,7 +124,7 @@ func TestNewWikiPost(t *testing.T) {
 			Message: message,
 		})
 		NewWikiPost(ctx)
-		assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+		assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 		assertWikiExists(t, ctx.Repo.Repository, title)
 		assert.Equal(t, wikiContent(t, ctx.Repo.Repository, title), content)
 	}
@@ -176,7 +176,7 @@ func TestEditWikiPost(t *testing.T) {
 			Message: message,
 		})
 		EditWikiPost(ctx)
-		assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+		assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 		assertWikiExists(t, ctx.Repo.Repository, title)
 		assert.Equal(t, wikiContent(t, ctx.Repo.Repository, title), content)
 		if title != "Home" {
--- a/routers/web/user/home.go
+++ b/routers/web/user/home.go
@@ -151,7 +151,7 @@ func Dashboard(ctx *context.Context) {
 func Milestones(ctx *context.Context) {
 	if unit.TypeIssues.UnitGlobalDisabled() && unit.TypePullRequests.UnitGlobalDisabled() {
 		log.Debug("Milestones overview page not available as both issues and pull requests are globally disabled")
-		ctx.Status(404)
+		ctx.Status(http.StatusNotFound)
 		return
 	}
@@ -323,7 +323,7 @@ func Milestones(ctx *context.Context) {
 func Pulls(ctx *context.Context) {
 	if unit.TypePullRequests.UnitGlobalDisabled() {
 		log.Debug("Pull request overview page not available as it is globally disabled.")
-		ctx.Status(404)
+		ctx.Status(http.StatusNotFound)
 		return
 	}
@@ -336,7 +336,7 @@ func Pulls(ctx *context.Context) {
 func Issues(ctx *context.Context) {
 	if unit.TypeIssues.UnitGlobalDisabled() {
 		log.Debug("Issues overview page not available as it is globally disabled.")
-		ctx.Status(404)
+		ctx.Status(http.StatusNotFound)
 		return
 	}
--- a/routers/web/user/setting/account_test.go
+++ b/routers/web/user/setting/account_test.go
@@ -94,6 +94,6 @@ func TestChangePassword(t *testing.T) {
 		AccountPost(ctx)
 		assert.Contains(t, ctx.Flash.ErrorMsg, req.Message)
-		assert.EqualValues(t, http.StatusFound, ctx.Resp.Status())
+		assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status())
 	}
 }
--- a/routers/web/web.go
+++ b/routers/web/web.go
@@ -96,7 +96,7 @@ func Routes(sessioner func(http.Handler) http.Handler) *web.Route {
 	// this png is very likely to always be below the limit for gzip so it doesn't need to pass through gzip
 	routes.Get("/apple-touch-icon.png", func(w http.ResponseWriter, req *http.Request) {
-		http.Redirect(w, req, path.Join(setting.StaticURLPrefix, "/assets/img/apple-touch-icon.png"), 301)
+		http.Redirect(w, req, path.Join(setting.StaticURLPrefix, "/assets/img/apple-touch-icon.png"), http.StatusPermanentRedirect)
 	})
 	// redirect default favicon to the path of the custom favicon with a default as a fallback
@@ -142,17 +142,17 @@ func Routes(sessioner func(http.Handler) http.Handler) *web.Route {
 	routes.Get("/ssh_info", func(rw http.ResponseWriter, req *http.Request) {
 		if !git.SupportProcReceive {
-			rw.WriteHeader(404)
+			rw.WriteHeader(http.StatusNotFound)
 			return
 		}
 		rw.Header().Set("content-type", "text/json;charset=UTF-8")
 		_, err := rw.Write([]byte(`{"type":"gitea","version":1}`))
 		if err != nil {
 			log.Error("fail to write result: err: %v", err)
-			rw.WriteHeader(500)
+			rw.WriteHeader(http.StatusInternalServerError)
 			return
 		}
-		rw.WriteHeader(200)
+		rw.WriteHeader(http.StatusOK)
 	})
 	// Removed: toolbox.Toolboxer middleware will provide debug information which seems unnecessary
--- a/services/auth/sspi_windows.go
+++ b/services/auth/sspi_windows.go
@@ -109,7 +109,7 @@ func (s *SSPI) Verify(req *http.Request, w http.ResponseWriter, store DataStore,
 		store.GetData()["EnableOpenIDSignIn"] = setting.Service.EnableOpenIDSignIn
 		store.GetData()["EnableSSPI"] = true
-		err := s.rnd.HTML(w, 401, string(tplSignIn), templates.BaseVars().Merge(store.GetData()))
+		err := s.rnd.HTML(w, http.StatusUnauthorized, string(tplSignIn), templates.BaseVars().Merge(store.GetData()))
 		if err != nil {
 			log.Error("%v", err)
 		}
--- a/services/lfs/locks.go
+++ b/services/lfs/locks.go
@@ -52,7 +52,7 @@ func GetListLockHandler(ctx *context.Context) {
 	if err != nil {
 		log.Debug("Could not find repository: %s/%s - %s", rv.User, rv.Repo, err)
 		ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")
-		ctx.JSON(401, api.LFSLockError{
+		ctx.JSON(http.StatusUnauthorized, api.LFSLockError{
 			Message: "You must have pull access to list locks",
 		})
 		return
@@ -139,7 +139,7 @@ func PostLockHandler(ctx *context.Context) {
 	if err != nil {
 		log.Error("Unable to get repository: %s/%s Error: %v", userName, repoName, err)
 		ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")
-		ctx.JSON(401, api.LFSLockError{
+		ctx.JSON(http.StatusUnauthorized, api.LFSLockError{
 			Message: "You must have push access to create locks",
 		})
 		return
@@ -164,7 +164,7 @@ func PostLockHandler(ctx *context.Context) {
 	dec := json.NewDecoder(bodyReader)
 	if err := dec.Decode(&req); err != nil {
 		log.Warn("Failed to decode lock request as json. Error: %v", err)
-		writeStatus(ctx, 400)
+		writeStatus(ctx, http.StatusBadRequest)
 		return
 	}
@@ -206,7 +206,7 @@ func VerifyLockHandler(ctx *context.Context) {
 	if err != nil {
 		log.Error("Unable to get repository: %s/%s Error: %v", userName, repoName, err)
 		ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")
-		ctx.JSON(401, api.LFSLockError{
+		ctx.JSON(http.StatusUnauthorized, api.LFSLockError{
 			Message: "You must have push access to verify locks",
 		})
 		return
@@ -272,7 +272,7 @@ func UnLockHandler(ctx *context.Context) {
 	if err != nil {
 		log.Error("Unable to get repository: %s/%s Error: %v", userName, repoName, err)
 		ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")
-		ctx.JSON(401, api.LFSLockError{
+		ctx.JSON(http.StatusUnauthorized, api.LFSLockError{
 			Message: "You must have push access to delete locks",
 		})
 		return
@@ -297,7 +297,7 @@ func UnLockHandler(ctx *context.Context) {
 	dec := json.NewDecoder(bodyReader)
 	if err := dec.Decode(&req); err != nil {
 		log.Warn("Failed to decode lock request as json. Error: %v", err)
-		writeStatus(ctx, 400)
+		writeStatus(ctx, http.StatusBadRequest)
 		return
 	}
--- a/services/migrations/gitea_downloader_test.go
+++ b/services/migrations/gitea_downloader_test.go
@@ -25,7 +25,7 @@ func TestGiteaDownloadRepo(t *testing.T) {
 	}
 	resp, err := http.Get("https://gitea.com/gitea")
-	if err != nil || resp.StatusCode != 200 {
+	if err != nil || resp.StatusCode != http.StatusOK {
 		t.Skipf("Can't reach https://gitea.com, skipping %s", t.Name())
 	}
--- a/services/migrations/gitlab.go
+++ b/services/migrations/gitlab.go
@@ -91,7 +91,7 @@ func NewGitlabDownloader(ctx context.Context, baseURL, repoPath, username, passw
 	u, _ := url.Parse(baseURL)
 	for len(pathParts) >= 2 {
 		_, resp, err = gitlabClient.Version.GetVersion()
-		if err == nil || resp != nil && resp.StatusCode == 401 {
+		if err == nil || resp != nil && resp.StatusCode == http.StatusUnauthorized {
 			err = nil // if no authentication given, this still should work
 			break
 		}
@@ -619,7 +619,7 @@ func (g *GitlabDownloader) GetPullRequests(page, perPage int) ([]*base.PullReque
 func (g *GitlabDownloader) GetReviews(reviewable base.Reviewable) ([]*base.Review, error) {
 	approvals, resp, err := g.client.MergeRequestApprovals.GetConfiguration(g.repoID, int(reviewable.GetForeignIndex()), gitlab.WithContext(g.ctx))
 	if err != nil {
-		if resp != nil && resp.StatusCode == 404 {
+		if resp != nil && resp.StatusCode == http.StatusNotFound {
 			log.Error(fmt.Sprintf("GitlabDownloader: while migrating a error occurred: '%s'", err.Error()))
 			return []*base.Review{}, nil
 		}
--- a/services/migrations/gitlab_test.go
+++ b/services/migrations/gitlab_test.go
@@ -28,7 +28,7 @@ func TestGitlabDownloadRepo(t *testing.T) {
 	}
 	resp, err := http.Get("https://gitlab.com/gitea/test_repo")
-	if err != nil || resp.StatusCode != 200 {
+	if err != nil || resp.StatusCode != http.StatusOK {
 		t.Skipf("Can't access test repo, skipping %s", t.Name())
 	}
--- a/services/migrations/onedev_test.go
+++ b/services/migrations/onedev_test.go
@@ -19,7 +19,7 @@ import (
 func TestOneDevDownloadRepo(t *testing.T) {
 	resp, err := http.Get("https://code.onedev.io/projects/go-gitea-test_repo")
-	if err != nil || resp.StatusCode != 200 {
+	if err != nil || resp.StatusCode != http.StatusOK {
 		t.Skipf("Can't access test repo, skipping %s", t.Name())
 	}
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -1474,7 +1474,7 @@
          "204": {
            "description": "user is a member"
          },
-          "302": {
+          "303": {
            "description": "redirection to /orgs/{org}/public_members/{username}"
          },
          "404": {