Website returns 302 instead of 200_问答_开发者

开发者 https://www.devze.com 2023-01-10 13:27 出处：网络

Well this one freaks me out. I used a Http Header check tool to check the headers of my webpage and guess what.

Well this one freaks me out. I used a Http Header check tool to check the headers of my webpage and guess what. In every request the response was 302 in开发者_运维知识库stead of 200.

domain.con
www.domain.con
http://www.domain.con

So, am i missing something here? I have not placed any redirect in any way.

So where the f#$% my website redirects? Is there a security hole?

UPDATE: While googling found this one

domain.com is not the same as www.domain.com - that's a redirect.

You are getting this because .net/IIS redirects your www.domain.com or domain.com to www.domain.com/default.aspx, so you get a header with 302 and then one for 200. I think this is by design but very confusing.

Maybe a case of this:

302 Found

This is the most popular redirect code, but also an example of industrial practice contradicting the standard. HTTP/1.0 specification (RFC 1945) required the client to perform a temporary redirect (the original describing phrase was "Moved Temporarily"), but popular browsers implemented 302 with the functionality of a 303 See Other. Therefore, HTTP/1.1 added status codes 303 and 307 to distinguish between the two behaviours. However, the majority of Web applications and frameworks still use the 302 status code as if it were the 303.

303 See Other (since HTTP/1.1)

The response to the request can be found under another URI using a GET method. When received in response to a PUT, it should be assumed that the server has received the data and the redirect should be issued with a separate GET message.

http://en.wikipedia.org/wiki/List_of_HTTP_status_codes

It's possible that you forgot to add a final slash to the end of your URL. Most webservers will redirect you to the "canonical" location that includes the slash. If you include the slash, you may get the response you're looking for.

Are you using forms authentication? and log in page is some other page than the default page say auth.aspx? If this is the case then you will allways get 302 code and the page will be redirected to login page.

In ASP.Net we can redirect by using Response.Redirect & Server.Transfer. If we go with server.Transfer the status code 302 will never hit & directly hits the 200. If we go with Response.Redirect it passes from 302 to 200 as response.. Which is nothing but roundtrip.