How to do a non-cached 301 redirect?

Solution 1

301 is a permanent redirect, so caching makes sense. If your redirect isn't permanent, use 307 (temporary redirect), 302 (found) or 303 (see other).

See here for the appropriate use cases.

To elaborate on the differences between these three:

• 307 is the generic, temporary redirect for when a resource is moved. For example, a URL like domain.com/news/latest might do a 307 redirect to the latest news article, domain.com/news/article-594873. Since this temporary redirection may persist for a while (that particular article may be the latest for several hours), browsers might cache the redirect. To control the degree to which they do, use cache control headers.
• 303 is the redirect that must not be cached, ever. For example, POSTing a new article to domain.com/news might create a new news article, and a 303 redirect to it is provided to domain.com/news/article-978523. Since another POST request results in a completely different, new article being created, it cannot be cached.
• 302 is a bit stranger, I've never used it myself. Apparently it's more of a legacy substitute for the 303, for earlier HTTP 1.0 version clients who do not understand the 303.

Since you asked specifically about PHP:

<?php
function header_redirect_permanent($url)
    {
    header($_SERVER['SERVER_PROTOCOL'] . ' 301 Moved Permanently', true, 301);
    header('Location: ' . $url);
    }

function header_no_cache()
    {
    header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
    header('Expires: Sat, 26 Jul 1997 05:00:00 GMT'); // past date to encourage expiring immediately
    }

You can stop agents from caching a 301 as well, if you must, using the above cache control headers like this:

header_no_cache();
header_redirect_permanent($url);

or simply add

header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
header('Location:'.$url, true, 301);
exit;

Solution 2

A http status code 301 without caching can be used to do URL canonicalization while retaining the tracking functionality.

To prevent a 301 redirect from being cached just set the cache control headers, then you can undo the redirect and clients (bot and browsers) will no longer get redirected.

header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
header('Location:'.$url, true, 301);
exit;

This is useful when you want browsers to update the URL in bookmarks and bots to update their index but still be able to track them or undo the redirect by redirecting back to the original URL without causing infinite loops or other nonsense.

This does not in any way mean that the 301 code has to be used for all redirects, on the contrary, different kinds of redirect have different status codes which Core Xii summarized.

Author by

Timo Huovinen

"The formulation of a problem is often more essential than its solution, which may be merely a matter of mathematical or experimental skill." -Albert Einstein Web Dev that enjoys HTML/CSS, but mainly works with JavaScript, Golang, PHP and SQL. Considers himself to be a beginner forever, even though has experience in the field, the fact that he is self-taught shows with constant beginner questions. Talks about himself in third person. Lacks common sense.

Updated on June 17, 2022