HTTP 303
The HTTP response status code 303 See Other is a way to redirect web applications to a new URI, particularly after a HTTP POST has been performed, since RFC 2616 (HTTP 1.1).
HTTP |
---|
Request methods |
Header fields |
Status codes |
Security access control methods |
Security vulnerabilities |
According to RFC 7231, which obsoletes RFC 2616, "A 303 response to a GET request indicates that the origin server does not have a representation of the target resource that can be transferred by the server over HTTP. However, the Location field value refers to a resource that is descriptive of the target resource, such that making a retrieval request on that other resource might result in a representation that is useful to recipients without implying that it represents the original target resource."
This status code should be used with the location header, as described below. If a server responds to a POST or other non-idempotent request with a 303 See Other response and a value for the location header, the client is expected to obtain the resource mentioned in the location header using the GET method; to trigger a request to the target resource using the same method, the server is expected to provide a 307 Temporary Redirect response.
303 See Other has been proposed as one way of responding to a request for a URI that identifies a real-world object according to Semantic Web theory (the other being the use of hash URIs).[1] For example, if http://www.example.com/id/alice identifies a person, Alice, then it would be inappropriate for a server to respond to a GET request with 200 OK, as the server could not deliver Alice herself. Instead the server would issue a 303 See Other response which redirected to a separate URI providing a description of the person Alice.
303 See Other can be used for other purposes. For example, when building a RESTful web API that needs to return to the caller immediately but continue executing asynchronously (such as a long-lived image conversion), the web API can provide a status check URI that allows the original client who requested the conversion to check on the conversion's status. This status check web API should return 303 See Other to the caller when the task is complete, along with a URI from which to retrieve the result in the Location HTTP header field.[2]
Example
Client request:
POST / HTTP/1.1
Host: www.example.com
Server response:
HTTP/1.1 303 See Other
Location: http://example.org/other
See also
- RFC 1945 (HTTP 1.0)
- RFC 7231 (HTTP 1.1)
- Hypertext Transfer Protocol
- List of HTTP status codes
- Post/Redirect/Get
- HTTP 301 (Permanent redirect)
References
- Cool URIs for the Semantic Web, see section 4
- Subbu Allamaraju. RESTful Web Services Cookbook: Solutions for Improving Scalability and Simplicity. O'Reilly Media, 2010, p. 20.