0

I'm trying to redirect to a post method from another post method, but it seems it's trying to redirect by Get:

[HttpPost]
[Route("Users/NewUser")]
[SystemAuthorize(PermissionForm = Form.USERS, Permissions = PermissionValue.EDIT)]
public ActionResult NewUser(ConsultUserModel m) //This is called from Consult View by post
{
    Debug.WriteLine("I'm here post");
    UserInfoModel model = GetUserInfoModel();
    return RedirectToAction("Edit",  model );
}

[HttpPost]
[Route("Users/Edit")]
[SystemAuthorize(PermissionForm = Form.USERS, Permissions = PermissionValue.EDIT)]
public ActionResult Edit(UserInfoModel edit)
{
    return View(edit);
}

When I call the action results in Server Error:

enter image description here

Dener
  • 121
  • 2
  • 8
  • 1
    Possible duplicate of [How do you redirect to a page using the POST verb?](https://stackoverflow.com/questions/129335/how-do-you-redirect-to-a-page-using-the-post-verb) – Diado Oct 06 '17 at 13:55
  • 1
    "Post" is supposed to change state on the server. Redirects with POST seem dangerous if misused. It should not be supported by browsers natively – Khanh TO Oct 06 '17 at 13:56
  • browser makes get request – arslanaybars Oct 06 '17 at 13:57

2 Answers2

1

As it has already been mentioned, you cannot redirect a post by design.

Now I will propose a solution to your problem:

It seems to me like you are creating a new user and then redirecting them to a place where they can edit their information. The landing action does not need to use a post. Remove [HttpPost] from that one and you should be good to go.

Have another action that uses [HttpPost] and processes the update.

If you are actually trying to save the properties, then abstract the code that updates the user information into a private method and call it from both places.

JuanR
  • 7,405
  • 1
  • 19
  • 30
  • how can I avoid __RequestVerificationToken on url? – Dener Oct 06 '17 at 17:54
  • __RequestVerificationToken is required by the ValidateAntiForgeryToken attribute, which I assume you are using. An alternative would be to return the `Edit` view from the `NewUser` action instead of redirecting. – JuanR Oct 06 '17 at 18:01
  • I'm already doing that, unfortunately, I need to pass a model to the view because it's responsible to care some data from the database to fill dropdown of the View. And that's why I'm getting the RequestVerificationToken on URL. I Wish I could get this data from the controller not from the Model. – Dener Oct 06 '17 at 18:13
  • You can always add it to the ViewBag instead. – JuanR Oct 06 '17 at 18:24
0

A redirect to hit the destination as a POST doesn't make sense. A redirect is done by returning a 302 response to the browser with the link to redirect to. The browser then does a GET, which is what you're seeing.

DiskJunky
  • 4,750
  • 3
  • 37
  • 66