302 Status Code (HTTP 302 Found): What It Means & When to Use It

What Is the 302 Status Code?

The 302 status code — officially named 302 Found — is an HTTP response code that tells the client (usually a browser) the resource it requested has been temporarily moved to a different URL. The new URL is provided in the response's Location header, and the client is expected to fetch the resource from there for this request only.

Because the move is temporary, the client should keep using the original URL for future requests. Search engines, browsers, and bookmarks should not replace the original URL with the redirect target. This is the key behavioral difference between HTTP 302 and 301 Moved Permanently.

The 302 code lives in the 3xx redirection class of HTTP status codes, defined in RFC 9110. Despite the historical name 'Found', the response body is almost never used — modern browsers immediately follow the Location header without rendering it.

Anatomy of a 302 Response

A 302 status code response always contains two essential elements: the status line itself and a Location header pointing to the new URL. Without a valid Location header, the client cannot follow the redirect.

• Status line — HTTP/1.1 302 Found (or HTTP/2 302 in HTTP/2)

• Location header — the destination URL the client should follow (required)

• Cache-Control — usually no-cache so browsers don't cache the redirect target permanently

• Body — typically empty, though servers may include a small HTML page for legacy clients (<html><body><a href="...">Click here</a></body></html>)

HTTP/1.1 302 Found
Location: https://www.example.com/new-page
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Cache-Control: no-cache, no-store
Date: Mon, 27 Apr 2026 14:00:00 GMT

The Location header can be an absolute URL (https://example.com/path) or a path-relative URL (/path). Modern HTTP clients accept both forms, though absolute URLs are recommended for clarity.

302 vs 301 vs 307 vs 308: Which Redirect Should You Use?

HTTP defines five common redirect status codes, and choosing the right one matters for caching, SEO, and request method preservation. Use this table as a decision matrix:

The modern recommendation: if you need a temporary redirect and want to be unambiguous about method handling, use 307 instead of 302. The 307 code was added in HTTP/1.1 specifically because browsers historically violated the spec by changing POST to GET on a 302 — and that incorrect behavior was so widespread it became the de facto standard.

When Should You Use a 302 Redirect?

Use the 302 status code whenever the redirect is genuinely temporary — meaning you expect to remove or change the redirect target in the future. Common legitimate use cases include:

• Login redirects — Sending an unauthenticated user from /dashboard to /login, then back after login

• A/B testing — Routing 50% of users to a variant page without changing the canonical URL

• Maintenance pages — Temporarily redirecting all traffic to /maintenance while you patch the server

• Geolocation routing — Sending visitors from / to /us or /de based on their country, while keeping / as the canonical entry point

• Mobile redirects — Redirecting smartphone users from example.com to m.example.com (though responsive design is preferred today)

• Out-of-stock product pages — Sending shoppers to a category page until the product comes back in stock

• Short-lived promotional URLs — /black-friday redirecting to the campaign landing page during the sale only

If any of these will become permanent, switch to a 301. Search engines wait several months before treating a long-lived 302 as a 301, so leaving a permanent move on 302 costs you ranking signals during that limbo period.

How to Send a 302 Status Code

Most web servers and frameworks have built-in helpers for sending a 302 redirect. Below are the most common patterns. Each issues HTTP 302 Found with a Location header — the only two things a 302 response strictly needs.

Nginx

In Nginx, use the return directive with status code 302 (the default if you omit the code is also 302):

server {
    listen 80;
    server_name example.com;

    # Temporary redirect (302 Found)
    location /old-page {
        return 302 https://example.com/new-page;
    }
}

Apache (.htaccess)

On Apache, use Redirect with the 302 code or RewriteRule with the [R=302,L] flag:

# Simple temporary redirect
Redirect 302 /old-page https://example.com/new-page

# Or with mod_rewrite for pattern matching
RewriteEngine On
RewriteRule ^maintenance$ /maintenance.html [R=302,L]

Node.js (Express)

Express's res.redirect() defaults to 302 when no status code is provided:

// Temporary redirect (302 Found by default)
app.get('/dashboard', (req, res) => {
  if (!req.user) {
    return res.redirect('/login') // sends 302
  }
  // ...render dashboard
})

// Or be explicit:
res.redirect(302, '/login')

How to Test a 302 Status Code

After implementing a 302 redirect, verify it works correctly. The fastest way is curl from your terminal — it shows the exact status code and Location header without any browser cache interference.

# Show response headers only (-I) without following the redirect
curl -I https://example.com/old-page

# Expected output:
# HTTP/2 302
# location: https://example.com/new-page
# cache-control: no-cache
# date: Mon, 27 Apr 2026 14:00:00 GMT

# Follow the full redirect chain (-L) and show every hop
curl -ILs https://example.com/old-page | grep -i 'HTTP/\|location:'

If you don't have terminal access, use DNS Robot's free Redirect Checker to trace the full redirect chain from a neutral location, or the HTTP Headers Checker to inspect the raw response headers — both bypass your browser cache.

302 Redirects and SEO

A 302 status code tells search engines: 'this move is temporary, keep the original URL in your index.' That has direct consequences for ranking signals.

According to Google Search Central, a 302 does not transfer the original URL's ranking signals to the redirect target the way a 301 does. The original URL stays canonical. Google may still index the target page if other canonicalization signals (internal links, sitemap, hreflang) point to it — but the 302 itself is not a canonical signal.

• Use 301 for permanent moves — Domain changes, URL structure changes, page consolidation

• Use 302 for temporary moves — Login flows, A/B tests, maintenance, regional routing

• Don't leave a permanent move on 302 — Google waits months before treating a long-lived 302 as a 301, costing you ranking equity during that period

• Avoid chains — A → 302 → B → 302 → C dilutes signals and slows page load. Each hop adds latency

Why a 302 Changes POST Requests to GET

This is the most surprising behavior of HTTP 302. The original RFC said clients should preserve the request method when following a redirect. But early browsers — Mosaic, Netscape, IE — all changed POST to GET on a 302, and that incorrect behavior became so widespread it was standardized in the WHATWG Fetch Standard.

Today, when a browser sends a POST /login and the server responds with 302 Found, the browser automatically issues a GET /next-page against the redirect target. The form data is dropped. This is rarely what server developers intend.

# What you send:
POST /submit-form HTTP/1.1
Host: example.com
Content-Type: application/x-www-form-urlencoded

name=Alice&email=alice@example.com

# Server responds with 302:
HTTP/1.1 302 Found
Location: /thank-you

# Browser follows with GET (form data dropped!):
GET /thank-you HTTP/1.1
Host: example.com

If you need the redirect to preserve the original method (POST stays POST, PUT stays PUT), use 307 Temporary Redirect instead. If you intentionally want to drop the body and switch to GET — the classic POST/Redirect/GET pattern — use 303 See Other. Both are unambiguous; 302 is not.

Common 302 Errors and How to Fix Them

When HTTP 302 goes wrong, it usually shows up as one of these symptoms. Most have simple fixes:

• `Getting 302 instead of 200` — The server is redirecting when it shouldn't. Check .htaccess, Nginx config, or framework middleware for unintended redirect rules

• `302 with no Location header` — Invalid response. Browsers will show a blank page. Make sure your code sets the Location header before sending the status

• `302 redirecting to itself` — A redirect loop. The Location URL matches the request URL. Check the redirect rule for missing conditions

• `302 dropping form data` — POST → 302 → GET drops the body. Switch to 307 Temporary Redirect to preserve POST

• `302 cached by the browser` — A buggy server set Cache-Control: max-age=... on the redirect. Add Cache-Control: no-cache and clear the browser cache

• `302 in production but not local` — Usually a CDN or load balancer adding redirects. Test directly against the origin to isolate

302 Redirect Loops: How to Diagnose

A redirect loop happens when URL A returns a 302 to URL B, and URL B returns a 302 back to URL A. After 20 hops (in Chrome and Firefox), the browser shows ERR_TOO_MANY_REDIRECTS and gives up.

The single most common cause is an SSL/HTTPS conflict between a CDN (like Cloudflare) and the origin server: the CDN connects to the origin over HTTP, the origin redirects HTTP→HTTPS, the CDN strips HTTPS and connects over HTTP again — infinite loop.

# Trace the full redirect chain (limit to 10 hops to avoid infinite loops)
curl -ILs --max-redirs 10 https://example.com 2>&1 | grep -i 'HTTP/\|location:'

# Example of a loop:
# HTTP/2 302
# location: http://example.com/
# HTTP/1.1 302 Found
# Location: https://example.com/
# HTTP/2 302
# location: http://example.com/  <-- loop confirmed

If you see two URLs alternating in the Location headers, you have confirmed a 302 redirect loop. For a complete fix walkthrough, see our ERR_TOO_MANY_REDIRECTS guide. DNS Robot's Redirect Checker traces the full chain from a neutral location and stops at the loop point.

302 Status Code Best Practices

Sending 302 Found correctly avoids most of the bugs developers hit when implementing redirects:

• Always include a Location header — A 302 without a Location is invalid and renders as a blank page

• Always set Cache-Control: no-cache — Otherwise some browsers cache the redirect for the session, breaking the 'temporary' contract

• Use absolute URLs in Location — https://example.com/new is unambiguous; /new works but can break behind proxies that change the host

• Keep redirects to one hop — A → 302 → B is fine; A → 302 → B → 302 → C slows page load and dilutes ranking signals

• Don't redirect from POST to a different page with 302 — Use 303 (intentional GET on next page) or 307 (preserve POST)

• Audit redirects monthly — Old temporary redirects often outlive their reason. Check with Redirect Checker

• Switch to 301 when the move becomes permanent — Don't leave a permanent move on 302 longer than a few weeks

Browser and Cache Behavior

Different browsers and intermediaries handle HTTP 302 slightly differently. Knowing the quirks saves debugging time:

For verifying redirect behavior across edge cases (POST methods, infinite loops, header presence), DNS Robot's HTTP Headers Checker shows the raw response without any browser-side method rewriting. Read more about temporary redirects in the MDN documentation and the RFC 9110 specification.