In ongoing project our SEO-team asked about investigating redirect from
http links to
https with status code 307. They asked to investigate it.
So what I did is check via Chrome to confirm that status is 307 - confirmed✅
Then checked via
HTTP/1.1 308 Permanent Redirect
Date: Fri, 29 Sep 2023 07:18:39 GMT
308 status when it should be 307 🤔
Then checked more carefully at DevTools et voila 🎉:
So what Today I Learned:
HSTS header does automatic redirect on client-side from HTTP-> HTTPS (secure) connection protecting websites against man-in-the-middle attacks and cookie hijacking.
Example of how it can be set:
Strict-Transport-Security : max-age=3600 ; includeSubDomains; preload