The HTTP 307 status code means a requested resource has been temporarily moved to a different location.
The new (relative) URL is indicated by a
307 vs 302
307 Temporary Redirect is similar to
302 Found in that they both indicate a temporary redirect.
Some browsers, like Mosaic, Netscape, and Internet Explorer, have been incorrectly switching to GET requests upon encountering the 302 status code, even if the original request was done with a different HTTP method. With 307, the method and request body of the previous request will be reused for the subsequent request.
|Can change from POST to GET||301||302|
|Can’t change from POST to GET||308||307|
307 Temporary Redirect was introduced in HTTP/1.1, while
302 Found first appeared in HTTP/1.0 (1999). If the backward compatibility with ancient clients is a consideration, use 302.
Strict Transport Security (HSTS)
Strict-Transport-Security (HSTS) is an HTTP header that protects websites against protocol downgrade and cookie hijacking attacks.
If you add the
preload directive to your HSTS header and request your domain to be preloaded, your domain will eventually be added to the preload list, which is shared among major browsers.
After your domain is preloaded, whenever someone tries to access your website over an unencrypted connection (
http://), most modern browsers will issue an internal redirect to an encrypted version (
https://) of the website with a 307 status code.