The AT&T Application Resource Optimizer (ARO) specifically identifies the HTTP 301 and 302 Status Codes that are found in an application trace. These two codes are an important part of application analysis, because they indicate a redirection response from the server that will lead to some additional overhead for the application.
This Best Practice Deep Dive provides some background on the 3xx class of HTTP Status Codes, describes the issues raised by the 301 and 302 Status Codes, and recommends possible resolutions for these issues.
The term "HTTP Status Code" is often used interchangeably with the term "HTTP Status Line" but they are slightly different. The HTTP Status Line is more complete, being comprised of two parts: (1) the HTTP Status Code (i.e.404) and the HTTP Reason Phrase (i.e. requested page doesn't exist).
The 3xx class of HTTP Status Codes indicates that further action needs to be taken by the user agent in order to fulfill a request. The required action may be carried out by the user agent without interaction with the user, if and only if, the method used in the second request is GET or HEAD. A client should make an effort to detect infinite redirection loops, since such loops generate network traffic for each redirection.
For the full listing of all HTTP Status Codes, refer to either the IANA or the W3C.
- The Internet Assigned Numbers Authority (IANA) maintains the official registry of HTTP status codes:
- See the W3C for further information on all of the HTTP Status Codes:
One appearance of an HTTP 301 or 302 Status Code in an application trace results in a failure of the "301, 302 HTTP Status Response Codes" Best Practices test in AT&T ARO.
Failing this test does not necessarily mean that there is something for the developer to act upon. The results are meant to bring awareness that redirects add overhead to an app, and that it is up to the developer to review each issue, determine whether it can be addressed, and take action where possible.
Best Practice Recommendation
The Best Practice Recommendation for HTTP 301 and 302 Status Codes is to review each occurrence of these codes in an HTTP response and take action where needed. The following describes these two Status Codes in more detail, and discusses some possible actions.
Receiving an HTTP 301 Status Code
An HTTP 301 Status Code indicates that the resource the client requested has permanently moved to a new location. The HTTP response containing this code should also include the new location, and the client should use this new URL the next time it tries to fetch the same resource.
When an HTTP 301 Status Code occurs, a client should update all references to the Request URL if it has the capability to do so. The HTTP response containing the code is cacheable, and unless the request method was HEAD, the entity should contain a small hypertext note with a hyperlink to the new URL(s). If the 301 Status Code is received in a response to a request of any type other than GET or HEAD, the client must ask the user before redirecting to the new URL.
If the Web server does not return an alternative URL in the response with the 301 Status Code, then either the Web server software itself is defective or the server has not been set up to correctly to handle the URL redirection.
Receiving an HTTP 302 Status Code
An HTTP 302 Status Code indicates that the resource the client requested has temporarily moved to a new location. The response should also include this location. This code indicates to the client that it should carry on using the same URL to access this resource.
The HTTP 302 Status Code is the most common way of performing a redirection. It is an example of industry practice contradicting the standard HTTP/1.0 specification, which required the client to perform a temporary redirect. The describing phrase was "Moved Temporarily", but web browsers implemented it as a 303 Status Code "See Other" by changing the request type to GET regardless of what it had been originally.
If the 302 Status Code is received in response to a request other than GET or HEAD, the user agent must not automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued.
The following describes the 3xx class of HTTP Status Codes.
300 Multiple Choices
This Status Code indicates that the request has more than one possible response. The user agent or user should choose one of them. There is no standardized way to choose one of the responses.
301 Moved Permanently
This Status Code indicates that the URI of the requested resource has been changed. Typically, a new URI should be given in the response.
This Status Code indicates that the URI of the requested resource has been changed temporarily. New changes in the URI might be made in the future. Therefore, this same URI should be used by the client in future requests.
303 See Other
This Status Code indicates that the server sent this response to direct the client to get the requested resource to another URI with a GET request.
304 Not Modified
This Status Code is used for caching purposes. It indicates to the client that the response has not been modified, so the client can continue to use the same cached version of the response.
305 Use Proxy
This Status Code indicates that the requested response must be accessed by a proxy. This response code is not largely supported for security reasons.
This Status Code is no longer used.
307 Temporary Redirect
This Status Code indicates that the requested resource is temporarily located at another URI. The client should request the resource again by using the temporary URI provided in the Location field of the response. The second request must use the same method as the original request. This has the same semantic as the HTTP 302 "Found" Status Code, with the exception that the user agent must not change the HTTP method used. For example, if a POST was used in the first request, a POST must be used in the second request.
308 Permanent Redirect
This Status Code indicates that the requested resource is now permanently located at another URI, specified by the Location: HTTP Response header. This has the same semantics as the HTTP 301 "Moved Permanently" Status Code, with the exception that the user agent must not change the HTTP method used. For example, if a POST was used in the first request, a POST must be used in the second request.