Form Validaton Errors : Render or Redirect?

Question

In the play framework documentation, there are two different ways to handle an action with validation errors :

• Redirect to the index (validation section of the documentation) :

    if (validation.hasErrors()) {
        params.flash(); // add http parameters to the flash scope
        validation.keep();  // keep the errors for the next request
        index();
    }

• Render to the form template (in the tutorial) :

    if (validation.hasErrors()) {
        render("@form", post);
    }

What is the best way to do this ? Render or redirect ?

Answer 1

There are pros and cons for both approaches.

My personal preference is to use the redirect approach, and the reason is that the browser URL correctly states where you are in the application. For example, if your index page calls the login action, if you don't use redirects, then the browser URL will show login, when you are actually on the index page with errors.

But, there is a problem with this approach. To achieve the redirect, and keep the validation error messages, you need to use validation.keep() and params.flash() (see this post here for details), so that the validation errors are kept for the next request. This is achieved behind the scenes by storing the validation errors and the user entered parameters in a Cookie (to ensure that Play remains stateless). As you are probably aware, the HTTP spec limits Cookies to 4Kb, so there is a risk that if you are entering data greater than 4Kb (which is possible for forms where you are entering big pieces of text), then your Cookie will overflow, and you will lose data.

The original method that Play used was the redirect approach, but the second approach was specifically added to the documentation as a workaround because of the Cookie limit.

A third, and a potentially cleaner option is to perform validation from the client side using javascript that envokes some serverside logic using AJAX. A sample of this can be seen in the 10th example of the samples-and-test/validation sample application.

Answer 2

I would prefer to render the form-template again, because I think a redirect wasn't useful in such a situation. If the user press F5 it's still OK that he send the same data again. The only problem the user has, is to get an cancel operation.

To avoid the url-problem COdemwnci mentioned you can use the following trick in the routes.conf

GET  /customer/edit     CustomerController.load()
POST /customer/edit     CustomerController.save()

Then you always have a clean URL.