Redirect offsite page with POST instead of GET in JSF

Question

In the payment section of our website, I get from the bank its paymentPage URL and paymentID. After that I have to redirect the client browser to the bank paymentPage URL using POST method, not GET. Just to note that the bank paymentPage URL is offsite, it is not connected with our server.

I couldn't find a smart solution in JSF 1.2 & Spring that deals the problem. One trivial solution is to create a simple jsf page with the following body(using JavaScript):

<body OnLoad="OnLoadEvent();">
<form action="<%=url %>" method="post" name="form1">
    <input type="hidden" name="PaymentID" value="<%=paymentId %>"  />
</form>
<script language="JavaScript">

function OnLoadEvent() {
   document.form1.submit();
}
</script>

Can you give me any better solution using the JavaServet API, JSF and Spring APIs?

In my opinion, in the Controller I have a method proceedToPayment() where I will take from ServletContext(or FacesContext) the Request object. But after that I have no idea how to forward paymentPage URL using POST method.

P.S. It seems that it is a more general question. I found a similar query for ASP here.

Related: http://stackoverflow.com/questions/4913289/jsf-i-want-to-send-post-request-inside-action-bean — BalusC, Mar 16 '11 at 18:00

score 0 · Answer 1 · answered Mar 16 '11 at 20:44

0

This has nothing to do with JSF, Spring, PHP, ASP or any other server-side technology.

The only channel of communication between server and client are HTTP headers. And there is no header that would reliably force a modern browser to do a redirect by POST. A Form with a hidden field activated by Javascript is the only choice.

answered Mar 16 '11 at 20:44

fdreger

12,264
1
36
42

1

It's possible with HTTP 307. It only shows a security warning on the browser. – BalusC Mar 16 '11 at 21:00
1

@BalusC: Even if you do not mind the warning (IE will not give any, btw), I do not see how this helps given the scenario. A 307 redirect will preserve the request body. And since you will not be able to add any parameters to the request, you must include them in the original POST request to the server, which means you are stack with a form with a hidden field, which is exactly what we wanted to avoid in the first place (and what could be avoided with normal redirect, where you can add any GET parameters at the server side). – fdreger Mar 19 '11 at 17:12
@BalusC: I have no idea. I myself would not mind. But avoiding such form was the point of the question. Tsetso presented us with a solution using a form and some Javascript, and asked, quote "Can you give me any better solution using the JavaServet API, JSF and Spring APIs?". Redirecting with 307 would require an identical form PLUS some server-side code. It hardly counts as a "better solution". – fdreger Mar 19 '11 at 19:52

Redirect offsite page with POST instead of GET in JSF

1 Answers1