Website returns 302 instead of 200
Asked Answered
V

6

16

Well this one freaks me out. I used a Http Header check tool to check the headers of my webpage and guess what. In every request the response was 302 instead of 200.

domain.con
www.domain.con
http://www.domain.con

So, am i missing something here? I have not placed any redirect in any way.

So where the f#$% my website redirects? Is there a security hole?

UPDATE: While googling found this one

Variegated answered 5/8, 2010 at 9:31 Comment(2)
Take a look at the Location header in the response, if present.Fortification
still clever how your web server resolves .con to .comArsyvarsy
D
10

domain.com is not the same as www.domain.com - that's a redirect.

Dachshund answered 5/8, 2010 at 9:35 Comment(4)
I guess i understand that, but both shouldn't return 200?Variegated
The redirect will return a 302 (redirect), the last one should return a 200.Dachshund
Well, it should but it does NOT. It returns 302 too.Variegated
Have you looked at the complete trace using fiddler? Where is the second redirect going to?Dachshund
A
7

You are getting this because .net/IIS redirects your www.domain.com or domain.com to www.domain.com/default.aspx, so you get a header with 302 and then one for 200. I think this is by design but very confusing.

Antiquate answered 24/1, 2013 at 17:49 Comment(0)
D
5

Maybe a case of this:

302 Found

This is the most popular redirect code, but also an example of industrial practice contradicting the standard. HTTP/1.0 specification (RFC 1945) required the client to perform a temporary redirect (the original describing phrase was "Moved Temporarily"), but popular browsers implemented 302 with the functionality of a 303 See Other. Therefore, HTTP/1.1 added status codes 303 and 307 to distinguish between the two behaviours. However, the majority of Web applications and frameworks still use the 302 status code as if it were the 303.

303 See Other (since HTTP/1.1)

The response to the request can be found under another URI using a GET method. When received in response to a PUT, it should be assumed that the server has received the data and the redirect should be issued with a separate GET message.

http://en.wikipedia.org/wiki/List_of_HTTP_status_codes

Dispenser answered 5/8, 2010 at 9:50 Comment(0)
F
0

It's possible that you forgot to add a final slash to the end of your URL. Most webservers will redirect you to the "canonical" location that includes the slash. If you include the slash, you may get the response you're looking for.

Fortification answered 5/8, 2010 at 9:36 Comment(1)
The response was once again 302.Variegated
G
0

Are you using forms authentication? and log in page is some other page than the default page say auth.aspx? If this is the case then you will allways get 302 code and the page will be redirected to login page.

Gustin answered 5/8, 2010 at 9:57 Comment(0)
Q
0

In ASP.Net we can redirect by using Response.Redirect & Server.Transfer. If we go with server.Transfer the status code 302 will never hit & directly hits the 200. If we go with Response.Redirect it passes from 302 to 200 as response.. Which is nothing but roundtrip.

Quan answered 25/10, 2018 at 6:15 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.