Facebook – Why is Facebook redirecting to homepage when accessing a particular profile name

Regardless of being or not logged in to Facebook, when I access a profile username URL like https://www.facebook.com/someusername (note this is not the username in question) I am redirected to Facebook homepage.

I have read "What are the guidelines around creating a custom username for my Page or profile?" and "The username I want isn't available" help articles but I am unable to figure out in which case is an error displayed and in which one redirection happens.

How do I find out in what cases Facebook performs redirection instead of showing the more common "The link you followed may be broken, or the page may have been removed" message?

In response to comments, here is the HTTP dialogue between my browser and Facebook server (not exactly a network capture but what Chrome tells me in the inspect console; a tcpdump wouldn't have worked anyway because of encryption):

Remote Address:173.252.120.6:443
Request URL:https://www.facebook.com/mydesiredusername
Request Method:GET
Status Code:302 forced.302

Request Headers
:host:www.facebook.com
:method:GET
:path:/mydesiredusername
:scheme:https
:version:HTTP/1.1
accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-encoding:gzip,deflate
accept-language:en-US,en;q=0.8,ro;q=0.6
user-agent:Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2138.3 Safari/537.36  

Response Headers
cache-control:private, no-cache, no-store, must-revalidate
content-length:0
content-security-policy:default-src *;script-src https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' https://*.akamaihd.net http://*.akamaihd.net *.atlassolutions.com chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl;style-src * 'unsafe-inline';connect-src https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotilocal.com:* https://*.akamaihd.net wss://*.facebook.com:* ws://*.facebook.com:* http://*.akamaihd.net https://fb.scanandcleanlocal.com:* *.atlassolutions.com http://attachment.fbsbx.com https://attachment.fbsbx.com;
content-type:text/html; charset=utf-8
date:Fri, 29 Aug 2014 15:18:48 GMT
expires:Sat, 01 Jan 2000 00:00:00 GMT
location:https://www.facebook.com/
p3p:CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
pragma:no-cache
set-cookie:next_path=%2Fmydesiredusername; path=/; domain=.facebook.com; httponly
set-cookie:next=https%3A%2F%2Fwww.facebook.com%2Fmydesiredusername; path=/; domain=.facebook.com; httponly
set-cookie:datr=gL40VKc9de7X2JkAkAa8pC6d; expires=Sun, 28-Aug-2016 15:18:48 GMT; Max-Age=63072000; path=/; domain=.facebook.com; httponly
status:302 forced.302
strict-transport-security:max-age=15552000
version:HTTP/1.1
x-content-type-options:nosniff
x-fb-debug:eG4PPd7AXspQtvCrF0QpDa8O83xqPwXmp71aLaELCSsd9EmWUpUTaR5giSBxSMnD8EcXi3dJS54PsnsVshL0mg==
x-frame-options:DENY
x-xss-protection:0

And this is the different response for another username that DOES exist:

Remote Address:173.252.120.6:443
Request URL:https://www.facebook.com/zuck
Request Method:GET
Status Code:200 OK  

Request Headers
:host:www.facebook.com
:method:GET
:path:/zuck
:scheme:https
:version:HTTP/1.1
accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-encoding:gzip,deflate
accept-language:en-US,en;q=0.8,ro;q=0.6
cookie:datr=2JkAVKcAa8pC6gL407Xd9dek; next=https%3A%2F%2Fwww.facebook.com%2Fcostinel; next_path=%2Fcostinel; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2F; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2F
user-agent:Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2138.3 Safari/537.36  

Response Headers
cache-control:private, no-cache, no-store, must-revalidate
content-encoding:gzip
content-security-policy:default-src *;script-src https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' https://*.akamaihd.net http://*.akamaihd.net *.atlassolutions.com chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl;style-src * 'unsafe-inline';connect-src https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotilocal.com:* https://*.akamaihd.net wss://*.facebook.com:* ws://*.facebook.com:* http://*.akamaihd.net https://fb.scanandcleanlocal.com:* *.atlassolutions.com http://attachment.fbsbx.com https://attachment.fbsbx.com;
content-type:text/html; charset=utf-8
date:Fri, 29 Aug 2014 15:42:43 GMT
expires:Sat, 01 Jan 2000 00:00:00 GMT
p3p:CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
pragma:no-cache
set-cookie:reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fzuck; path=/; domain=.facebook.com
set-cookie:reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com
status:200 OK
strict-transport-security:max-age=15552000
version:HTTP/1.1
x-content-type-options:nosniff
x-fb-debug:0wJCS7YL4wH7ZWIloMFBlzzylt5wW4V3fjaOJJ4vsfCzuiljp3ggQQnYwyAkMHujWHkkSstCdV8CCAo+i6Cf+Q==
x-frame-options:DENY
x-xss-protection:0

And finally this is the response when the username does not exist:

Remote Address:173.252.120.6:443
Request URL:https://www.facebook.com/zuckdoesnotexist
Request Method:GET
Status Code:404 Not Found  

Request Headers
:host:www.facebook.com
:method:GET
:path:/zuckdoesnotexist
:scheme:https
:version:HTTP/1.1
accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-encoding:gzip,deflate
accept-language:en-US,en;q=0.8,ro;q=0.6
cookie:datr=2JkAVKcAa8pC6gL407Xd9dek; next=https%3A%2F%2Fwww.facebook.com%2Fcostinel; next_path=%2Fcostinel; reg_fb_gate=https%3A%2F%2Fwww.facebook.com%2F; reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fzuck
user-agent:Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2138.3 Safari/537.36  

Response Headers
cache-control:private, no-cache, no-store, must-revalidate
content-encoding:gzip
content-security-policy:default-src *;script-src https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' https://*.akamaihd.net http://*.akamaihd.net *.atlassolutions.com chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl;style-src * 'unsafe-inline';connect-src https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.spotilocal.com:* https://*.akamaihd.net wss://*.facebook.com:* ws://*.facebook.com:* http://*.akamaihd.net https://fb.scanandcleanlocal.com:* *.atlassolutions.com http://attachment.fbsbx.com https://attachment.fbsbx.com;
content-type:text/html; charset=utf-8
date:Fri, 29 Aug 2014 15:46:35 GMT
expires:Sat, 01 Jan 2000 00:00:00 GMT
p3p:CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
pragma:no-cache
set-cookie:reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Fzuckdoesnotexist; path=/; domain=.facebook.com
set-cookie:reg_ext_ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.facebook.com
status:404 Not Found
strict-transport-security:max-age=15552000
version:HTTP/1.1
x-content-type-options:nosniff
x-fb-debug:zJHNyJNzOhh58U9V8uJ0xF1sL9e/BTNMao+DN361Mv5IBZ+T36Y1a7uhZxbDyvzrhNrC2yMnKfMQj6q49Cg6HA==
x-frame-options:DENY
x-xss-protection:0

Observe the different 302, 200 and 404 HTTP statuses response for each case. Why is it issuing 302 in my case?

PLEASE NOTE that I am not interested in the technical reasons for issuing a 302 code (I can find that in the RFC), but rather in what is their policy for issuing a 302 redirect to their front page when requesting a particular profile name that seems to not exist but be unavailable when choosing it at https://www.facebook.com/username, at the same time!

Best Answer

If you tell me your username or by which name you are trying I would have checked it once, but i seen some examples by typing different names. So what i got for you is->302 means FOUND more about 302 The requested resource resides temporarily under a different URI. Since the redirection might be altered on occasion, the client SHOULD continue to use the Request-URI for future requests. This response is only cacheable if indicated by a Cache-Control or Expires header field.

The temporary URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s).

If the 302 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued.

  Note: RFC 1945 and RFC 2068 specify that the client is not allowed
  to change the method on the redirected request.  However, most
  existing user agent implementations treat 302 as if it were a 303
  response, performing a GET on the Location field-value regardless
  of the original request method. The status codes 303 and 307 have
  been added for servers that wish to make unambiguously clear which
  kind of reaction is expected of the client.

Best Answer

Related Solutions

Facebook Font – How to Create a Stylish Facebook Profile Name

Facebook – How to remove Facebook username and return to profile ID

Related Topic