0

I have run into a dilemma I cannot figure out. All my pages (currently being served on both localhost & a live server) redirect twice with a 307 header code until finally reaching the 200 success code and the page loads. This seems to only be happening in Chrome and is happening before the .htaccess file is read. The page is written in PHP. Is this an HSTS issue? If anyone has any insight on to why this is happening I would greatly appreciate it. Here is a screenshot of what the console on chrome displays:

IMPORTANT NOTE: Google Analytics is not added into the page code at all

307 code chrome console

307 code chrome temporary redirect

luv2code
  • 1,216
  • 6
  • 22
  • 42
  • It might be a case when it happens with any browser, but only Chrome is being honest and transparent about it. – Yevgeniy Afanasyev Oct 17 '18 at 06:28
  • I can write a php code that would give you 2 redirects with 307 code and only for Chrome if needed. It may be a case where this is actually was programmed. – Yevgeniy Afanasyev Oct 17 '18 at 06:30
  • Could you please post that php code so it could give me something to search for? Thank you!!! – luv2code Oct 17 '18 at 06:38
  • Oh, I had similar thing with validation, in Laravel, when validation failed you are redirected to the same page but with alert message. But usually they use code 422 and they can redirect more than twice, they can loop it. – Yevgeniy Afanasyev Oct 17 '18 at 06:38
  • What would cause the validation to fail and what is being validated? – luv2code Oct 17 '18 at 06:38
  • it may be authentication, or authorization – Yevgeniy Afanasyev Oct 17 '18 at 06:40
  • Thank you for taking the time to respond, but authentication or authorization of what? Any starting point would be very helpful. :) – luv2code Oct 17 '18 at 06:43
  • I cannot give you code because it would use functions specific for laravel exclusively. If you don't use laravel, it will be waste of time. – Yevgeniy Afanasyev Oct 17 '18 at 06:45
  • I know laravel, maybe I can see a similarity? – luv2code Oct 17 '18 at 06:47
  • well, you have admin account that suppose to add new item to a blog. Thus, you need to authenticate a user and authorise it to have an admin permission. – Yevgeniy Afanasyev Oct 17 '18 at 06:47
  • I'm guessing. If you would say where did you get your php code and what framework was used for it - it might be a good hint. Is it a commercial grade product php or is it some student experiments in php? – Yevgeniy Afanasyev Oct 17 '18 at 06:48
  • 1
    It might be code like this `ValidationException::withMessages([ 'a' => ['b'], ])->status(307);` – Yevgeniy Afanasyev Oct 17 '18 at 06:51
  • 1
    It could have to do with HSTS, but also with browser extensions. When those intercept and modify a request in any way, that can also cause those 307 redirects to show up in the network panel. Have you checked whether you get the same behavior in a private window without any extensions enabled? – misorude Oct 17 '18 at 06:56
  • or it might be `return Redirect::to($url, 307);` – Yevgeniy Afanasyev Oct 17 '18 at 06:56
  • I wrote all my php code from scratch. No framework being used. – luv2code Oct 17 '18 at 07:15
  • Thank you! Going to see your last two comments for debugging now. – luv2code Oct 17 '18 at 07:15
  • 1
    Possible duplicate of [307 Redirect when loading analytics.js in Chrome](https://stackoverflow.com/questions/27945501/307-redirect-when-loading-analytics-js-in-chrome) – Barry Pollard Oct 17 '18 at 07:31
  • Thank you Barry, but like I mentioned there is no analytics being loaded :( – luv2code Oct 17 '18 at 21:22
  • 2
    Read the answer to the question I linked to and not just the question title. It wasn’t caused by analytics but by a Chrome extension. – Barry Pollard Oct 17 '18 at 23:45

1 Answers1

0

This occurs due to Chrome security settings when pinging for non-https URL.

penmas
  • 957
  • 3
  • 13
  • 21