HTTP 307 status code means a requested resource has been temporarily moved to a different location.
The new (relative) URL is indicated by a Location
header:
Location: /now
307 vs 302
307 Temporary Redirect
is similar to 302 Found
in a way that they both indicate a temporary redirect.
Some browsers, like Mosaic, Netscape, and Internet Explorer have been incorrectly switching to GET requests upon encountering the 302 status code, even if the original request was done with a different HTTP method. With 307, the method and request body of the previous request will be reused for the subsequent request.
Also, 307 Temporary Redirect
was introduced in HTTP/1.1, while 302 Found
first appeared in HTTP/1.0 (1999). If the backward compatibility with ancient clients is a consideration, use 302.
Request Method | Permanent | Temporary |
---|---|---|
Can change from POST to GET | 301 | 302 |
Can’t change from POST to GET | 308 | 307 |
Strict Transport Security (HSTS)
Strict Transport Security (HSTS) is an HTTP header protecting the website against the protocol downgrade and cookie hijacking attacks.
If you add the preload
directive to your HSTS header and request your domain to be preloaded, your domain will eventually be added to the preload list, which is shared across major browsers.
After your domain is preloaded, whenever someone tries to access your website over an unencrypted connection (http://
), most modern browsers will issue an internal redirect to an encrypted version (https://
) of a website with a 307 status code.
No spyware, no promotional emails, or keyword-stuffed junk. I will only send you a single email when I've got something interesting to say. Unsubscribe anytime.
You can also subscribe to the Atom feed (it's like RSS, but better).