I need to redirect a user to an external site though a POST request. The only option I figured out is to do it submit a form through JavaScript. <hr> Any ideas?

It's not quite clear what you mean, so let's take a few scenarios: <ol> <li> User should POST form to a server other than your own Easy, just specify the target as the form action: <pre class="prettyprint"><code><form action="http://someotherserver.com" method="post"> </code></pre> </li> <li> User should be redirected after a successful POST submit Easy, accept and process the POST data as usual, then respond with a <code>302</code> or <code>303</code> redirect header. </li> <li> User should POST data to your server and, after validation, you want to POST that data to another server Slightly tricky, but three options: <ul> <li>Your server accepts the POST data and while the user waits for a response, you establish a connection to another server, POSTing the data, receiving a response, then return an answer to the user.</li> <li>You answer with a <code>307</code> redirect, which means the user should attempt the same request at another address. Theoretically it means the browser should POST the same data to another server. I'm not quite sure how well supported this is, but any browser understanding HTTP1.1 should be able to do it. AFAIA it's not used that often in practice. PS: The specification says that a 307 POST redirect needs to be at least acknowledged by the user. Alas, apparently no browser is sticking to the spec here. IE simply repeats the request (so it works for your purposes), but Firefox, Safari and Opera seem to discard the POST data. Hence, this technique is unfortunately unreliable.</li> <li>Use technique #1 combined with hidden form fields, adding one step in between.</li> </ul> </li> </ol> See here for a list of all HTTP redirection options: http://en.wikipedia.org/wiki/Http_status_codes#3xx_Redirection

Just set HTML form's action URL to the particular external site. Here's an SSCCE, just copy'n'paste'n'run it: <pre class="prettyprint"><code><!doctype html> <html lang="en"> <head> <title>SO question 2604530</title> </head> <body> <form action="http://stackoverflow.com/questions/2604530/answer/submit" method="post"> <textarea name="post-text"></textarea> <input type="submit" value="Post Your Answer"> </form> </body> </html> </code></pre> You'll see that Stackoverflow has good CSRF protection ;)

A good way to redirect with a POST request?

2 Answers

It's not quite clear what you mean, so let's take a few scenarios:

User should POST form to a server other than your own

Easy, just specify the target as the form action:
```
<form action="http://someotherserver.com" method="post"> 
```
User should be redirected after a successful POST submit

Easy, accept and process the POST data as usual, then respond with a 302 or 303 redirect header.
User should POST data to your server and, after validation, you want to POST that data to another server

Slightly tricky, but three options:
- Your server accepts the POST data and while the user waits for a response, you establish a connection to another server, POSTing the data, receiving a response, then return an answer to the user.
- You answer with a 307 redirect, which means the user should attempt the same request at another address. Theoretically it means the browser should POST the same data to another server. I'm not quite sure how well supported this is, but any browser understanding HTTP1.1 should be able to do it. AFAIA it's not used that often in practice.
  PS: The specification says that a 307 POST redirect needs to be at least acknowledged by the user. Alas, apparently no browser is sticking to the spec here. IE simply repeats the request (so it works for your purposes), but Firefox, Safari and Opera seem to discard the POST data. Hence, this technique is unfortunately unreliable.
- Use technique #1 combined with hidden form fields, adding one step in between.

See here for a list of all HTTP redirection options: http://en.wikipedia.org/wiki/Http_status_codes#3xx_Redirection

answered Sep 27 '22 18:09

deceze

Just set HTML form's action URL to the particular external site.

Here's an SSCCE, just copy'n'paste'n'run it:

<!doctype html> <html lang="en">     <head>         <title>SO question 2604530</title>     </head>     <body>         <form action="http://stackoverflow.com/questions/2604530/answer/submit" method="post">             <textarea name="post-text"></textarea>             <input type="submit" value="Post Your Answer">         </form>     </body> </html>

You'll see that Stackoverflow has good CSRF protection ;)

answered Sep 27 '22 16:09

BalusC

Related questions
                            
                                jasmine mock window object
                            
                                Node.JS: How to pass variables to asynchronous callbacks? [duplicate]
                            
                                Remove element from JSON Object
                            
                                Greasemonkey/ Tampermonkey @match for a page with parameters
                            
                                How to brew install specific version of Node?
                            
                                Horizontal swipe slider with jQuery and touch devices support?
                            
                                What is $scope in AngularJS? [closed]
                            
                                How to make function parameter constant in JavaScript?
                            
                                Get canvas from context
                            
                                How to instantiate a javascript class in another js file?
                            
                                JSON.stringify (Javascript) and json.dumps (Python) not equivalent on a list?
                            
                                'this' in function inside prototype function [duplicate]
                            
                                How can I disable signature checking for Firefox add-ons?
                            
                                Is it possible to trigger a link's (or any element's) click event through JavaScript?
                            
                                Difference between onMouseOver and onMouseEnter
                            
                                Socket IO Server to Server
                            
                                How do I play audio files synchronously in JavaScript?
                            
                                Do you ever need to specify 'javascript:' in an onclick?
                            
                                How to detect if the pressed key will produce a character inside an <input> text-box?
                            
                                Concatenate and minify JavaScript on the fly OR at build time - ASP.NET MVC

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With

A good way to redirect with a POST request?

Tags:

javascript

html

redirect

django

RadiantHex

People also ask

2 Answers

deceze

BalusC

Recent Activity

Donate For Us