307 Temporary Redirect

HTTP 307 status code means a requested resource has been temporarily moved to a different location.

The new (relative) URL is indicated by a Location header:

Location: /now

Difference between 302 and 307

307 Temporary Redirect is similar to 302 Found in a way that they both indicate a temporary redirect.

Some browsers, like Mosaic, Netscape, and Internet Explorer have been incorrectly switching to GET requests upon encountering the 302 status code, even if the original request was done with a different HTTP method. With 307, the method and request body of the previous request will be reused for the subsequent request.

Also, 307 Temporary Redirect was introduced in HTTP/1.1, while 302 Found first appeared in HTTP/1.0 (1999). If the backward compatibility with ancient clients is a consideration, use 302.

When in doubt, use 307.

Strict Transport Security (HSTS)

Strict Transport Security (HSTS) is an HTTP header protecting the website against the protocol downgrade and cookie hijacking attacks.

If you add the preload directive to your HSTS header and request your domain to be preloaded, your domain will eventually be added to the preload list, which is shared across major browsers.

After your domain is preloaded, whenever someone tries to access your website over an unencrypted connection (http://), most modern browsers will issue an internal redirect to an encrypted version (https://) of a website with a 307 status code.