How does HTTP 302 work? I would like to know the internals
问题:
回答1:
You mean how do browsers handle it? The server sends a 302
code along with a Location
header, and the browser requests the new URI specified by the Location
header instead.
Unlike 301 (Moved Permanently)
, the browser continues to use the original URI to do requests, in case the 302
code goes away
回答2:
The server returns an HTTP response with the code 302
, indicating a temporary redirection, and includes a Location:
header indicating the new URI, e.g.
HTTP/1.1 302 Found
Location: http://some-other-url
And potentially other headers at the server's discretion.
The browser normally takes this as a directive to automatically make a new, separate request for the other URI specified by the location header. The client (browser) isn't forced to do this (it could, in theory, just display a message to the user, or do whatever else it wants), but that's how HTTP clients usually behave.
Note that since the 302 is a temporary redirection, a well-behaved client will continue to use the old URL in the future, rather than going directly to the new one (301 is a permanent redirection).
回答3:
From: http://www.ietf.org/rfc/rfc2616.txt and http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
10.3.3 302 Found
The requested resource resides temporarily under a different URI. Since the redirection might be altered on occasion, the client SHOULD continue to use the Request-URI for future requests. This response is only cacheable if indicated by a Cache-Control or Expires header field.
The temporary URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s).
If the 302 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued.
Note: RFC 1945 and RFC 2068 specify that the client is not allowed
to change the method on the redirected request. However, most
existing user agent implementations treat 302 as if it were a 303
response, performing a GET on the Location field-value regardless
of the original request method. The status codes 303 and 307 have
been added for servers that wish to make unambiguously clear which
kind of reaction is expected of the client.
回答4:
The internals of what? 302 is a return code the server gives the client, what the client does is upto it. The RFCs give guidance on what the client should do, but in the real world 301, 302, 303 and 307 are all handled the same way by the mainstream browsers.
回答5:
Just an Addon- Importantly, it is for stop client to hit same server url with same request consecutively/frequently.