Avoid HTTP redirects in requests (no-http-redirects
)
no-http-redirects
checks if there are any HTTP redirects in the page
webhint
is analyzing.
Why is this important?
Consider the following simplified desription of what happens when a
user requests a URL within a browser:
- DNS Lookup: Translate the server domain to an IP. If the browser
doesn’t know it, it asks a DNS server which in some cases involves
multiple queries until the final IP is obtained.
- Open a TCP connection to the server
IP address requesting the URL.
- The server responds to that request by sending some content over
the TCP connection.
If the resource uses SSL, then TLS negotation(s)
happens as well.
When a redirect occurs, 3.
contains the new URL the browser needs to
request, repeating the whole sequence of steps. DNS Lookup isn’t cheap,
neither is creating a TCP connection. The
impact of redirects is felt even more by mobile users, where the network
latency is usually higher.
As a rule of thumb, the more you can avoid redirects the better.
What does the hint check?
This hint checks:
- If the target URL passed to
webhint
has any redirect. E.g.:
http://www.example.com
--> http://example.com
- If any resource in the page has any redirect. E.g.:
http://example.com/script.js
--> https://example.com/script.js
and alerts if at least one is found.
Examples that trigger the hint
- Any URL passed to
webhint
that redirects to another one - Any page with a resource (script, css, image) behind a redirect
Examples that pass the hint
- No redirect for resources nor the target URL.
Can the hint be configured?
By default no redirects are allowed but you can change this behavior.
The following hint configuration used in the .hintrc
file will allow 3 redirects for resources and 1 for the main URL:
{
"connector": {...},
"formatters": [...],
"hints": {
"no-http-redirects": ["error", {
"max-resource-redirects": 3,
"max-html-redirects": 1
}],
...
},
...
}
How to use this hint?
To use it you will have to install it via npm
:
npm install @hint/hint-no-http-redirects
Note: You can make npm
install it as a devDependency
using the
--save-dev
parameter, or to install it globally, you can use the
-g
parameter. For other options see npm
's
documentation.
And then activate it via the .hintrc
configuration file:
{
"connector": {...},
"formatters": [...],
"hints": {
"no-http-redirects": "error",
...
},
"parsers": [...],
...
}
Further Reading