0

I am looking at the best way to implement POST redirect. Consider this example:

  1. Customer receives the URL: https://domain-a.com
  2. When customer clicks on this URL, we need to redirect the customer to https://domain-b.com
  3. The redirect needs to be over HTTPS POST. In this redirect, some parameters would also be sent.

I searched around for the best way to implement it so that it works for both JS enabled & disabled browsers.

HTTP protocol doesn't support POST redirect. I read about new HTTP status code 307 that can be used for redirect. However, it will not work for us. It says that redirect should happen in the same way as original request. In this case, original request is GET.

The method which I am thinking is this:

  1. domain-a returns an HTML form with all the parameters. The form is present in noscript tag.
  2. Javascript is executed on body load to automatically submit the form to domain-b. I don't want to show the experience of "Submit" button to customer for which they don't need to take any action. It should look more like a normal redirect to them.
  3. JS disabled browser will see the form and they would need to manually click it.

I am looking for feedback on any potential issues with this approach or better way to handle this case.

user1447561
  • 37
  • 5
  • Why not use a htaccess file/web.config to redirect the site? – Liam Sorsby Nov 27 '15 at 18:48
  • I didn't understood your response but if you saying that do the GET redirect through HTTP status code 301/302 then the answer is that its not allowed in this case due to some security concerns. – user1447561 Nov 27 '15 at 18:52
  • If you look at the following post, http://stackoverflow.com/questions/358263/htaccess-is-it-possible-to-redirect-post-data you can stop the processing of the page and use the flag to redirect the parameters over. Not too sure on how javascript would affect search engine bots, however it depends entirely if this is what you are looking for. – Liam Sorsby Nov 27 '15 at 19:00
  • If not would a serverside redirect not be more appropriate. – Liam Sorsby Nov 27 '15 at 19:01
  • server side forward is an option. However, I wanted to first make sure that we don't have a reliable way to do it from the client browser. – user1447561 Nov 27 '15 at 19:08
  • I wouldn't have thought that javascript was the best way forward. I assume if they do, for some reason, have javascript disabled then are they going to click the button? – Liam Sorsby Nov 27 '15 at 19:10

0 Answers0