How does HTTP 302 work?

2019-02-05 10:57发布

问题:

How does HTTP 302 work? I would like to know the internals

回答1:

You mean how do browsers handle it? The server sends a 302 code along with a Location header, and the browser requests the new URI specified by the Location header instead.

Unlike 301 (Moved Permanently), the browser continues to use the original URI to do requests, in case the 302 code goes away



回答2:

The server returns an HTTP response with the code 302, indicating a temporary redirection, and includes a Location: header indicating the new URI, e.g.

HTTP/1.1 302 Found
Location: http://some-other-url

And potentially other headers at the server's discretion.

The browser normally takes this as a directive to automatically make a new, separate request for the other URI specified by the location header. The client (browser) isn't forced to do this (it could, in theory, just display a message to the user, or do whatever else it wants), but that's how HTTP clients usually behave.

Note that since the 302 is a temporary redirection, a well-behaved client will continue to use the old URL in the future, rather than going directly to the new one (301 is a permanent redirection).



回答3:

From: http://www.ietf.org/rfc/rfc2616.txt and http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

10.3.3 302 Found

The requested resource resides temporarily under a different URI. Since the redirection might be altered on occasion, the client SHOULD continue to use the Request-URI for future requests. This response is only cacheable if indicated by a Cache-Control or Expires header field.

The temporary URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s).

If the 302 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued.

  Note: RFC 1945 and RFC 2068 specify that the client is not allowed
  to change the method on the redirected request.  However, most
  existing user agent implementations treat 302 as if it were a 303
  response, performing a GET on the Location field-value regardless
  of the original request method. The status codes 303 and 307 have
  been added for servers that wish to make unambiguously clear which
  kind of reaction is expected of the client.


回答4:

The internals of what? 302 is a return code the server gives the client, what the client does is upto it. The RFCs give guidance on what the client should do, but in the real world 301, 302, 303 and 307 are all handled the same way by the mainstream browsers.



回答5:

Just an Addon- Importantly, it is for stop client to hit same server url with same request consecutively/frequently.