Nuclear Rooster

11Dec/090

Better know a HTTP Response Code: The Fightin’ 307

In tonight's episode of "Better know a HTTP Response Code" we'll be checking out "307 Temporary Redirect." This ain't your mother's temporary redirect (assuming she primarily uses the more common "302 Temporary Redirect"). The good ol' w3c has this to say in their HTTP 1.1 spec thingy:

10.3.8 307 Temporary Redirect

The requested resource resides temporarily under a different URI. Since the redirection MAY be altered on occasion, the client SHOULD continue to use the Request-URI for future requests. This response is only cacheable if indicated by a Cache-Control or Expires header field.

The temporary URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s) , since many pre-HTTP/1.1 user agents do not understand the 307 status. Therefore, the note SHOULD contain the information necessary for a user to repeat the original request on the new URI.

If the 307 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued.

Blahdity blah blah. So while 302's force the redirect location to be requested with a GET, 307's are able to redirect with a POST request. Buuut, there are a couple of caveats. 1) Redirection of POSTs should not be automatic, due to the security issue, and 2) in real life not everybody actually knows how to handle a 307 *Ahem*, I'm looking at you Internet Explore.

Example

Here's a quick PHP example to get us going.

<?php
if (isset($_GET['do_a_redirect'])) {
  header("HTTP/1.1 307 Temporary Redirect");
  header( 'Location: http://127.0.0.1:1234/pluggd/upload_redirect/form.php?upload_that_file' ) ;
} else if (isset($_GET['upload_that_file'])) {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Error: " . $_FILES["file"]["error"] . "<br />\n";
    }
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br />\n";
    echo "Type: " . $_FILES["file"]["type"] . "<br />\n";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />\n";
    echo "Stored in: " . $_FILES["file"]["tmp_name"] . "\n";
    }
} else {
?>
<html>
<body>

<form action="form.php?do_a_redirect" method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<br />
<input type="submit" name="submit" value="Submit" />
</form>

</body>
</html>
<?php } ?>

Rockin' it with CURL:

nick-stielaus-computer-3:~ nick$ curl -L -F "file=@Desktop/shortVids/sheep.flv" http://127.0.0.1:1234/pluggd/upload_redirect/form.php?do_a_redirect
Upload: sheep.flv
Type: application/octet-stream
Size: 174.1796875 Kb
Stored in: /private/var/tmp/phpRYQVYc

And FireFox's nice message:

How FireFox handles a HTTP 1.1 307 Response

How FireFox handles a HTTP 1.1 307 Response

Credits

A Stack Overflow discussion got me going on this.

Filed under: Uncategorized Leave a comment
Comments (0) Trackbacks (0)

No comments yet.


Leave a comment


Trackbacks are disabled.

« Sending Munin Alerts to Jabber/XMPP Quick download benchmarks with CURL »

Quote Bot

Civil liberties are not just an ornament, or a quaint American tradition. Civil liberties make countries rich. — Paul Graham

Recently…

Projects