307 Temporary Redirect
The HTTP 307 status code means a requested resource has been temporarily moved to a different location.
The new (relative) URL is indicated by a Location
header:
Location: /now
307 vs 302
307 Temporary Redirect
is similar to 302 Found
in that they both indicate a temporary redirect.
Some browsers, like Mosaic, Netscape, and Internet Explorer, have been incorrectly switching to GET requests upon encountering the 302 status code, even if the original request was done with a different HTTP method. With 307, the method and request body of the previous request will be reused for the subsequent request.
Request Method | Permanent | Temporary |
---|---|---|
Can change from POST to GET | 301 | 302 |
Can’t change from POST to GET | 308 | 307 |
Browser support
307 Temporary Redirect
was introduced in HTTP/1.1, while 302 Found
first appeared in HTTP/1.0 (1999). If the backward compatibility with ancient clients is a consideration, use 302.
Strict Transport Security (HSTS)
Strict-Transport-Security
(HSTS) is an HTTP header that protects websites against protocol downgrade and cookie hijacking attacks.
If you add the preload
directive to your HSTS header and request your domain to be preloaded, your domain will eventually be added to the preload list, which is shared among major browsers.
After your domain is preloaded, whenever someone tries to access your website over an unencrypted connection (http://
), most modern browsers will issue an internal redirect to an encrypted version (https://
) of the website with a 307 status code.