← All Status Codes
304
Not Modified
↪️ Redirection Info Risk

📖 What Is HTTP 304?

The resource has not been modified since the last request. The client can use its cached version. Saves bandwidth by not retransmitting unchanged resources.

🛡️ Security Implications

Ensure sensitive responses include Cache-Control: no-store to prevent caching. A 304 on authenticated content may leak data if cached by shared proxies.

🔍 Common Causes

Client sent If-Modified-Since or If-None-Match header and the resource has not changed since.

🔧 How to Fix

Set proper Cache-Control headers. Use no-store for sensitive data. Use ETag or Last-Modified for cacheable resources.

🖥️ How to Check

curl -I -o /dev/null -w "%{http_code}" https://example.com

🔗 Related Redirection Codes

301
Moved Permanently
302
Found
303
See Other
307
Temporary Redirect
308
Permanent Redirect
📚 Learn Web Security — Free Course