Menu
A common scenario for a web app is to redirect after a POST that modifies the database. Like redirecting to the newly created database object after the user creates it.
It seems like most web apps use 302 redirects, but 303 seems to be the correct thing to do according to the specification if you want the url specified in the redirect to be fetched with GET. Technically, with a 302, the browser is supposed to fetch the specified url with the same method that the original url was fetched with, which would be POST. Most browsers don't do that though.
302 - http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.3
303 - http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.4
So should I be using 302 or 303?
289
A 303 redirect is for use when you are receiving POST data from a client (e.g., a form submission) and you want to redirect them to a new web page to be retrieved using GET instead of POST (e.g., a standard page request).
If the 302 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued.
HTTP status code 303 (“See Other”) tells a client that a resource is temporarily available at a different location and explicitly instructs the client to issue a GET request on the new URL, regardless of which request method was originally used.
What Is A 302 Redirect? A 302 redirect lets search engines know that a website or page has been moved temporarily. When Should You Use 302 Redirects? Use this type of redirect if you want to send users to a new site or page for a short period of time, such as when you're redesigning or updating your website.
The correct one is 303.
I use it and haven't found any compatibility problems with UAs newer than Netscape 4 (1998, released 17 years ago).
If you use 302, you're risking that UA will re-send POST to the new URL instead of switching to GET.
Still, if you're worried about HTTP/1.0 clients (which don't support vhosts and probably won't be able to access your page anyway) then you should include HTML with link to the new page in body of the 303 response (web servers like Apache do that already).
125
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
