How Google handles 307/HSTS redirects is totally defined within the newest ‘Ask Google Webmasters’ video with John Mueller.
Specifically, Mueller addresses the next query:
“How does Googlebot interact with HSTS/307s?”
An HSTS redirect can be utilized to pressure browsers to go to the HTTPS model of a web page.
These forms of directs could be helpful in instances the place somebody hyperlinks to an HTTP URL as a substitute of an HTTPS URL.
When the hyperlink is clicked on, the HSTS/307 redirect will make sure the customer lands on the HTTPS URL.
That’s what occurs when browsers work together with 307’s. What occurs when Googlebot does?
Here’s what Mueller says:
“In quick, [Googlebot] doesn’t work together with them. 307 redirects are usually not actual redirects. So what does that imply?
Well once you make a web site HTTPS you’ll be able to optionally use HSTS. HSTS tells customers to solely get the HTTPS model of a web page.
So, when a consumer enters a URL, or clicks on a hyperlink that will in any other case go to HTTP, the browser remembers the HSTS and goes instantly to the HTTPS model.”
Continue Reading Below
If a web site proprietor makes use of the URL Inspection software on a web page with HSTS, they are going to see that it has a 307 redirect in place.
However, Mueller emphasizes HSTS acts like a redirect, however isn’t a real redirect.
It’s not a real redirect as solely browsers are able to seeing a 307; it doesn’t imply something to Googlebot.
When Googlebot crawls a HTTP web page with HSTS, it is not going to be redirected to the HTTPS model as a browser would.
“And that’s fine,” Mueller provides.
Of course, that’s solely wonderful if the HTTPS URLs are listed and crawlable. HSTS isn’t a software for getting hyperlinks found.
If you’re migrating from HTTP to HTTPS, for instance, HSTS is not going to assist Google uncover your new hyperlinks. For that you’ll have to use correct 301 redirects.
Continue Reading Below
HSTS is an optionally available software that be used along side a real redirect so as to be completely certain customers are touchdown on safe pages.
Here is the rest of Mueller’s response:
“To make it clear what’s taking place – it acts prefer it was a redirect. Chrome calls this a 307 redirect. So, should you use Chrome, and also you see a 307 consequence code with a software, it’s probably not there.
When it comes to Googlebot, we strive to crawl URLs with a contemporary slate. So we wouldn’t preserve the HSTS listing, and moderately simply instantly entry the HTTP URL instantly.
If that URL redirects, which is often the case with an HTTP and HTTPS web site, we might observe that. So, in brief, Googlebot doesn’t see the 307 that you simply’d see within the browser. And that’s wonderful.”
See the total video beneath (there are some enjoyable bloopers on the finish):