axios: Cannot disable redirects with `maxRedirects: 0`

Describe the bug

I’m using axios to send a login request to an old back-end that always returns a 302 no matter it being successful or not. I don’t want to actually follow the redirect that server is suggesting (as the front-end is being rewritten from scratch and the location is non-existant). And also, I’m required to have the headers that the server is returning with the 302 response.

In short: I don’t want the redirects to be followed and I want to process the original 302 response.

To Reproduce

This works as expected in nodejs (and therefore on runkit), but it does not work in a browser. (For the following code to work, I had to load axios in https://httpstat.us/ and run the code in the console to prevent CORS errors.)

await axios.request({
    method: "GET",
    url: "https://httpstat.us/302",
    maxRedirects: 0,
    validateStatus: null,
});

The returned response in the browser is the redirected response with status code 200.

Expected behavior

No redirects are followed in the browser (like in nodejs, and as described in the documentation), and the response status code returned is 302.

Environment

Axios Version 0.21.1 (latest)
Adapter I don’t know.
Browser Firefox
Browser Version 90.0.2 (latest)
Node.js Version N/A
OS: Windows 10 Build 19043.928
Additional Library Versions N/A

Additional context/Screenshots

-–

About this issue

Original URL
State: closed
Created 3 years ago
Comments: 15

Most upvoted comments

Yes, maxRedirects is still only supported for the HTTP adapter (nodejs). XMLHttpRequest has no way to manage redirects.

DigitalBrainJS on Jan 21, 2023

The max Redirects default value should be 0. I’ve been trying to pull Status Code 302 for 2 days. Today I saw that the default value is 5. It was always returning 200 code.

alpgul on Sep 23, 2021

This works for Node.js.

Example

const axios = require("axios");

const url = "http://google.com/";
const config = { maxRedirects: 0, validateStatus: () => true };
axios.get(url, config).then(response => console.log(response.status));

It does not work for the browser.

This is because axios uses XMLHttpRequest, which always follows redirects. See #1219 (Dec 2017) for supporting fetch, which allows customizing the redirect behavior.

pauldraper on Jun 14, 2023

I know that XMLHttpRequest is the root cause for not supporting the usecase of catching login redirects by axios. This makes it even more unfortunate, since it seems to be unlikely that the request in your link (#1219 ) will ever be implemented 😢

anetbnd on Jun 15, 2023

That this does not work is really a big issue. If you have APIs which automatically redirect a request to a login page in case the user session has expired, you have no chance with axios to detect this error case and start an appropriate error handling.

anetbnd on Jun 7, 2023

maxRedirects: 0 works for me on Node.js but validateStatus config is also needed to accept 302 status code.

wanglin86769 on Mar 22, 2023

No, it’s not.

andreynovikov on Jan 20, 2023

As of January 18th 2023 maxRedirects: 0 works as expected

antoninbeaufort on Jan 18, 2023

@Shayan-To Yes you are right that fetch supports it. The main reason why maxRedirects doesn’t work is that axios used xhr adapter for browser and http adapter for server. Since axios use xhr adapter, which is based on XMLHttpRequest and since XMLHttpRequest doesn’t have the feature to disable redirects that’s why it doesn’t work in axios on browser. fetch api is new so it added this feature. If someone wrote a fetch based adapter in axios then only I think your current issue will get solved because this is a limitation of XMLHttpRequest itself.

ginruh on Sep 12, 2021

@Shayan-To I don’t think it’s bug because in req_config doc, it mentions that maxRedirects works only in nodeJS.

  // `maxRedirects` defines the maximum number of redirects to follow in node.js.
  // If set to 0, no redirects will be followed.
  maxRedirects: 5, // default

ginruh on Sep 2, 2021