Read more

Be very careful with 301 and 308 redirects

Tobias Kraze
September 14, 2017Software engineer at makandra GmbH

Browsers support different types of redirects.

Illustration web development

Do you need DevOps-experts?

Your development team has a full backlog? No time for infrastructure architecture? Our DevOps team is ready to support you!

  • We build reliable cloud solutions with Infrastructure as code
  • We are experts in security, Linux and databases
  • We support your dev team to perform
Read more Show archive.org snapshot

Be very careful with these status codes:

  • 301 Moved Permanently
  • 308 Permanent Redirect

Most browsers seem to cache these redirects forever, unless you set different Cache-Control headers. If you don't have any cache control headers, you can never change them without forcing users to empty their cache.

Note

By default Show archive.org snapshot Rails sends a header Cache-Control: max-age=0, private, must-revalidate with all responses, including redirects. That means redirects are never cached by browsers.

You do need to pay attention if you redirect outside of Rails, e.g. via your web server configuration.

Dealing with incorrectly cached redirects

The only fix is to keep redirecting the user to the correct page, so if you had

flowchart LR
  /page1--301-->/page2

but you want

flowchart LR
  /page1--301-->/page3

your only fix is to change it to

flowchart LR
  /page1--301-->/page2
  /page2--301-->/page3

This means that /page2 will become unusable as its own page.

Note that a 301 with an explicit expiry via Cache-Control is fine, and might be preferred for SEO purposes.

Posted by Tobias Kraze to makandra dev (2017-09-14 17:25)