Modern HTTP Status codes for redirecting

Updated . Posted . Visible to the public. Repeats.

Formerly 301 (Moved Permanently) and 302 (Found) were used for redirecting. Browsers did implement them in different ways, so since HTTP 1.1 there are some new status codes which allow for finer distinctions.

The interesting part is how non-GET requests are handled by the redirect. It is preferrable to use the newer status code to avoid unexpected behavior.

303 See Other

The response to the request can be found under another URI using the GET method. When received in response to a POST (or PUT/DELETE), the client should presume that the server has received the data and should issue a new GET request to the given URI.

=> Non-GET requests handled and afterwards "converted" to GET requests

307 Temporary Redirect

In this case, the request should be repeated with another URI; however, future requests should still use the original URI. In contrast to how 302 was historically implemented, the request method is not allowed to be changed when reissuing the original request. For example, a POST request should be repeated using another POST request.

=> Non-GET requests are just redirected and never "converted" to GET

308 Permanent Redirect

This is available since RFC 7538 and is implemented by all major browsers Show archive.org snapshot

The request and all future requests should be repeated using another URI. 307 and 308 parallel the behaviors of 302 and 301, but do not allow the HTTP method to change. So, for example, submitting a form to a permanently redirected resource may continue smoothly.

=> Non-GET requests are just redirected and never "converted" to GET

Legacy status codes for redirects

301 Moved Permanently

This and all future requests should be directed to the given URI.

=> This does not specify how the request should be redirected (so a POST or PUT could be changed to a GET request by the client or not).

302 Found (Previously "Moved temporarily")

Tells the client to look at (browse to) another URL. 302 has been superseded by 303 and 307. This is an example of industry practice contradicting the standard. The HTTP/1.0 specification (RFC 1945) required the client to perform a temporary redirect (the original describing phrase was "Moved Temporarily"), but popular browsers implemented 302 with the functionality of a 303 See Other. Therefore, HTTP/1.1 added status codes 303 and 307 to distinguish between the two behaviours. However, some Web applications and frameworks use the 302 status code as if it were the 303.

Last edit
Henning Koch
License
Source code in this card is licensed under the MIT License.
Posted to makandra dev (2021-07-07 07:35)