Difference between HTTP redirect codes

http redirect uri http-status-codes
Channel72 picture Channel72 · Jan 21, 2011 · Viewed 53.3k times · Source

The differences between the various HTTP 3XX redirect codes are not clear to me. Yes, I've read the spec, but there seems to be some discrepancy between the standard and actual practice here.

The 301 redirect code seems clear enough: This means the resource was permanently moved to another URI, and future requests should use that URI.

And the 307 redirect code also seems clear: it means the redirect is temporary, and future requests should still use the original URI.

But I can't tell what the difference is between 302 and 303, or why either of them are really different from 301. It seems that 302 was originally intended to be a temporary redirect, (like 307), but in practice, most browsers treated it like a 303. But what's the difference between a 303 and a 301? Is 301 supposed to mean the redirect is more permanent?

Answer

Bob Aman picture Bob Aman · Jan 21, 2011
  • 301: Permanent redirect. Clients making subsequent requests for this resource should use the new URI. Clients should not follow the redirect automatically for POST/PUT/DELETE requests.
  • 302: Redirect for undefined reason. Clients making subsequent requests for this resource should not use the new URI. Clients should not follow the redirect automatically for POST/PUT/DELETE requests.
  • 303: Redirect for undefined reason. Typically, 'Operation has completed, continue elsewhere.' Clients making subsequent requests for this resource should not use the new URI. Clients should follow the redirect for POST/PUT/DELETE requests, but use GET for the follow-up request.
  • 307: Temporary redirect. Resource may return to this location at a later point. Clients making subsequent requests for this resource should use the old URI. Clients should not follow the redirect automatically for POST/PUT/DELETE requests.

I personally recommend avoiding 302 if you have the choice. Many clients do not follow the spec when they encounter a 302. For temporary redirects, you should use either 303 or 307, depending on what type of behavior you want on non-GET requests. Prefer 307 to 303 unless you need the alternate behavior on POST/PUT/DELETE.

Related questions

How to redirect all HTTP requests to HTTPS

I'm trying to redirect all insecure HTTP requests on my site (e.g. http://www.example.com) to HTTPS (https://www.example.com). I'm using PHP btw. Can I do this in .htaccess?

Read More
What does HTTP/1.1 302 mean exactly?

Some article I read once said that it means jumping (from one URI to another), but I detected this "302" even when there was actually no jumping at all!

Read More
HTTP redirect: 301 (permanent) vs. 302 (temporary)

Is the client supposed to behave differently? How?

Read More