POST without Redirect/GET?
https://stackoverflow.com/questions/9074301
-
21-04-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
A coworker of mine was working on preventing duplicate form submissions (on a successful submission, we are emailed and a DB entry is created). Submissions are not successful if there are errors on the form.
I was reviewing his code, and I noted that he only used P/R/G on a successful submission. The form submission would still be duplicated on a refresh/revisit if it were not successful. I noted this in my review, but he argued that he didn't see a benefit to redirect every time because the unsuccessful submission is ignored. I noted that if a user refreshes the page or revisits it in history, they will still get a "CONFIRM FORM RESUBMISSION" warning in major browsers.
Is this enough of a reason to redirect after each POST? Whether or not it is, is there any other reason to redirect after a POST even if the submission is idempotent (due to errors in the form)? Is there ever a reason that you should not redirect after a form submission?
Solution
The main reason is due to every modern browser's obnoxious dialog box that opens when you hit the "Back" or "Reload" button (and people do - often, whether you want them to or not) after a POST operation, warning you that a POST re-submit is about to take place. I certainly understand why they chose to do this, but it does mean that as programmers we go to great lengths to ensure that a user doesn't have to ever see the message.
So, I disagree with those who say there is no reason to redirect after an unsuccessful post. Theoretically there shouldn't be one, yes, but due to user interface issues with browsers, yes, absolutely you need to.
OTHER TIPS
There is no reason to redirect after an unsuccessful POST. Repeating it won't do any harm and it makes your life easier since you do not need to store all form values in the session for re-filling the form.
Besides that, during development it makes thing much easier especially when using a file upload field since you can just make the form submission always fail and then hit F5 until all your validation code etc works fine.
