Redirecting with a POST

cosmicperl has asked for the wisdom of the Perl Monks concerning the following question:

Replies are listed 'Best First'.
Re: Redirecting with a POST by simonm (Vicar) on Dec 23, 2005 at 03:20 UTC
The pages you find are generally correct -- if a browser sends you a GET request, and you send back a redirect message, there's no way to make that next request be performed as a POST. You could send a very small HTML page that cotnained a JavaScript command that performed a POST...	[reply]
Re: Redirecting with a POST by ikegami (Patriarch) on Dec 23, 2005 at 05:42 UTC
Response code 307 was added to HTTP/1.1 to do just that. A 307 should redirect a POST, but whether clients recognize and obey this directive is unknown. Also, the RFC specifies that POST redirections require user intervention: If the 307 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued. However, you are able to fake it. You can output an HTML form with hidden fields and ask the user to click the submit button. You might even be able to get JavaScript to click the button automatically.	[reply]
Re: Redirecting with a POST by TedPride (Priest) on Dec 23, 2005 at 03:41 UTC
Hmm. An explanation of why you're trying to do something will generally help with the how. You could, for instance, forget about HTTP POST entirely and pass the data in a temporary file numbered according to IP - but if the script you're trying to pass to is on another server, that won't help. Or, as mentioned above, you could return a page with all the post data in hidden form fields and have it submit itself using Javascript - but if the browser doesn't have Javascript, or has Javascript turned off, that method won't work so well either.	[reply]
Re: Redirecting with a POST by Celada (Monk) on Dec 23, 2005 at 06:14 UTC
Further to ikegami's response, I'd like to point out that one of the best discussions of this sad state of affairs that originally came about because essentially all user agents ignored the HTTP standard is part of the Lynx FAQ. Essentially you will not be able to rely on consistent browser behaviour or standard adherence because of this.	[reply]
Re: Redirecting with a POST by zentara (Archbishop) on Dec 23, 2005 at 11:44 UTC
I don't really know what your problem is, but here are 2 scripts I use to test an old cgi store's CC verification. I set up a script to accept POST data, then resend it as POST data, with a true or false added. It just cats everything it receives as POST, adds the true/false value, and sends it out as POST. ##### the respgen.pl generator which receives data ##### and decides if it's valid or not #!/usr/bin/perl use warnings; use CGI 'cgi'; use LWP::UserAgent; our ($secure_server_address,$cgi_directory); require './store_cfg'; print "Content-type: text/html\n\n"; #my $test= 'FALSE'; my $test= 'TRUE'; my $relay; my $cgi = new CGI; my %input= $cgi->Vars(); foreach $name (keys %input){ $value = $input{$name}; $relay .= "$name=$value&"; } $relay .= "Ecom_transaction_complete=$test&"; $relay .= "IOC_response_code=0&"; open (RT,">test/respgen.test"); print RT $relay; close RT; my $ua = LWP::UserAgent->new(); my $req = HTTP::Request->new (POST => "$secure_server_address$cgi_dire +ctory/boacc.pl"); $req->content_type('application/x-www-form-urlencoded'); $req->content("$relay"); my $res = $ua->request($req); print $res->as_string; [download] And here is a simple test program for it. #!/usr/bin/perl use warnings; #use this to test cc transaction, it simulates the output of perlshop use warnings; use HTTP::Request::Common qw(POST); use LWP::UserAgent; $grand_total= '109.34'; $order_id= '999999999'; $street1= '9 9th Street'; $country= 'US'; $email= 'z9@z9.com'; $first= 'zjoe'; $last= 'zmon'; $card_no= '4111 1111 1111 1111'; $exp_mon= '09'; $exp_yr= '2004'; $zip= '48127'; $ua = LWP::UserAgent->new(); $req = POST 'http://zentara.zentara.net/~zentara/cgi-bin/store/respgen +.pl', ['IOC_merchant_id' => '4301330018817403', 'IOC_order_total_amount' => "$grand_total", 'IOC_merchant_shopper_id' => 'susehost', 'IOC_merchant_order_id' => "$order_id", 'ecom_billto_postal_street_line1' => "$street1", 'ecom_billto_postal_postalcode' => "$zip", 'ecom_billto_postal_countrycode' => "$country", 'ecom_billto_online_email' => "$email", 'ecom_payment_card_name' => "$first $last", 'ecom_payment_card_number' => "$card_no", 'ecom_payment_card_expdate_month' => "$exp_mon", 'ecom_payment_card_expdate_year' => "$exp_yr", 'url' => 'http://zentara.zentara.net/~zentara/cgi-bin/shop/boacc.pl' +, ]; $content = $ua->request($req)->as_string; print $content; [download] I'm not really a human, but I play one on earth. flash japh	[reply] [d/l] [select]
Re: Redirecting with a POST by pajout (Curate) on Dec 23, 2005 at 11:11 UTC
Slightly OT: According to TedPride, I believe that external redirect is evil :) Of course, it can be helpfull when quickly hacking legacy applications, but, IMHO, this is way to the hell when used on development phase...	[reply]


Problems? Is your data what you think it is?
	PerlMonks