406 would not be standards compliant.
Access controls have nothing to do with accepts headers, and are thus more appropriate to 403 Forbidden, which is about access controls. 204 would be acceptable if you want to actually return 0 bytes of content. Which is to say not really acceptable. 303 See Other is actually also OK, as it would be a good redirect to a "safe" page. A modification of 450 Blocked by Windows Parental Controls would also be a good idea.
-- ∇×V
The Accept headers for a random request I sent to Wikipedia Wrote:Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brNow I told them I'll accept */* (anything) at the end. But imagine that it wasn't there, and I had requested a .jpg file. The server would throw an error saying "sorry, I can't give you an text/html resource because your URL asked for an image/jpeg file". That is a 406 Not Acceptable.
Access controls have nothing to do with accepts headers, and are thus more appropriate to 403 Forbidden, which is about access controls. 204 would be acceptable if you want to actually return 0 bytes of content. Which is to say not really acceptable. 303 See Other is actually also OK, as it would be a good redirect to a "safe" page. A modification of 450 Blocked by Windows Parental Controls would also be a good idea.
-- ∇×V