307 Temporary Redirect
The target resource resides temporarily under a different URI. The method MUST NOT be changed.
Usually happens because:
- ☑ Redirecting form submissions (POST) temporarily
- ☑ Temporary proxy routing routing API
🔍 Quick Checklist:
Meaning
The HTTP 307 Temporary Redirect redirection status code indicates that the target resource resides temporarily under a different URI. Unlike 302 Found, a 307 redirect guarantees that the client's HTTP request method and body payload will not be changed when following the redirect (e.g. POST remains POST).
Root Causes
- Redirecting form submissions (POST) temporarily during database migrations.
- Temporary proxy routing routing API requests.
| Cause | Frequency |
|---|---|
| Redirecting form submissions (POST) temporarily | ⭐⭐⭐⭐⭐ |
| Temporary proxy routing routing API | ⭐⭐⭐⭐ |
Common Mistakes
- Using 302 instead of 307 for redirecting POST API requests (browsers will silently convert POST to GET, losing payload parameters).
- Using 307 for permanent redirects (caching 307 permanent is incorrect; use 308 instead).
How to Fix
Framework-Specific Examples
Express temporary redirect preserving POST method.
app.post('/api/users', (req, res) => {
res.redirect(307, 'https://backup.api.com/users');
});Server Configuration Examples
Configuring Nginx rewrite rules with 307 status codes.
return 307 https://backup.api.com$request_uri;Prevention
- Always use 307 for API endpoints (POST, PUT, DELETE) where method preservation is required.
- Audit API redirects to verify payload preservation.
Frequently Asked Questions (FAQ)
Q: What is the difference between 302 and 307?
With 302, browsers are allowed to change the request method from POST to GET when following the redirect. With 307, the client MUST repeat the exact same request method (e.g. POST remains POST) and body payload.
Q: Is HTTP 307 cached?
No. A 307 redirect is temporary and is never cached by browsers, meaning subsequent requests will query the origin server first.
Q: Does a browser ask for user permission before repeating a POST request on 307?
Yes. According to RFC specifications, if the redirection is not a GET/HEAD request, browsers may prompt the user to confirm resending the data payload.
Q: Is 307 suitable for locale routing?
Yes, though 302 is more common. If a POST user registration must be directed to a localized country sub-domain, 307 is required to preserve registration data.