Reputation: 2506
I am setting up a RESTful API server, and we are requiring clients to use HTTPS. Is it best to set this up to completely block port 80 and return a 'not found' for requests to HTTP, or should I redirect all of these requests to HTTPS? Normally I set up my web servers to do this, but my concern is how well clients will handle the 302 Redirect in their RESTful calls. Is there a best practice or recommended way to handle this?
Thanks!
Upvotes: 2
Views: 2361
Reputation: 4048
A common approach here is to respond with status code 403 Forbidden and to specify in the response body that a secure connection is required.
Upvotes: 1
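The approach from the answer above, as an added example that is not code from either poster: a plaintext listener that answers every method with 403 and a body stating that HTTPS is required, and never sends a redirect. The names `RejectPlaintext`, `probe` and `MAX_DRAIN`, the JSON field names and the sample path are assumptions made for this sketch.

```python
import json
import threading
from http.client import HTTPConnection
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

MAX_DRAIN = 64 * 1024  # assumed cap on how much request body is discarded
# Constructed body; the field names are assumptions, not a standard.
BODY = json.dumps({"error": "https_required",
                   "detail": "Repeat the request over https://"}).encode()


class RejectPlaintext(BaseHTTPRequestHandler):
    """Plaintext listener: every method gets 403, never a redirect."""
    timeout = 5  # socket timeout so a stalled client cannot hold a thread

    def _reject(self):
        # Discard a bounded body without parsing or logging it, so closing
        # the socket does not reset the connection before the 403 is read.
        length = self.headers.get("Content-Length", "0")
        if length.isdecimal() and len(length) < 12:
            self.rfile.read(min(int(length), MAX_DRAIN))
        self.send_response(403)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(BODY)))
        self.send_header("Connection", "close")
        self.end_headers()
        if self.command != "HEAD":
            self.wfile.write(BODY)

    do_GET = do_HEAD = do_POST = do_PUT = do_PATCH = do_DELETE = _reject

    def log_message(self, fmt, *args):
        pass  # request lines can carry secrets in query strings; do not log


def probe(method, path, body=None, headers=None):
    """Serve on an ephemeral local port, send one request, return the reply."""
    server = ThreadingHTTPServer(("127.0.0.1", 0), RejectPlaintext)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    conn = HTTPConnection("127.0.0.1", server.server_address[1], timeout=5)
    try:
        conn.request(method, path, body=body, headers=headers or {})
        resp = conn.getresponse()
        return resp.status, dict(resp.getheaders()), resp.read()
    finally:
        conn.close()
        server.shutdown()
        server.server_close()
```

Calling `probe("POST", "/v1/orders", body=b"{}")` shows what a client that used `http://` by mistake would receive: a 403 with the JSON explanation and no `Location` header to follow.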