Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number
 
PerlMonks  

Re^4: Sending information via HTTP "POST" without submitting a form

by jeyroz (Monk)
on Jun 20, 2005 at 23:04 UTC ( [id://468510]=note: print w/replies, xml ) Need Help??


in reply to Re^3: Sending information via HTTP "POST" without submitting a form
in thread Sending information via HTTP "POST" without submitting a form

jhourcle, thanks for your reply.

The payment processor simply expects a form to be submitted with payment information. The client has asked that we verify some "Terms of Use", etc. before their customer remits payment. We are validating their 'acceptance' of the Terms with javascript but would like backend validation as well (for obvious reasons). As you would expect, the payment processor doesn't offer validation of non payment information on their system ... therefore I am left to validate these elements once the form is submitted but before the request is sent to the payment processor. After our validation is complete the information and the user need to be redirected to the payment processor's server to complete the transaction. I would like to transfer this info via POST instead of GET as would be the case if I attached the information to a redirect like so: $q->redirect('processor_server?info=foo&info2=bar').

If this is still unclear please let me know.

author => jeyroz

  • Comment on Re^4: Sending information via HTTP "POST" without submitting a form

Replies are listed 'Best First'.
Re^5: Sending information via HTTP "POST" without submitting a form
by jhourcle (Prior) on Jun 21, 2005 at 00:49 UTC

    It's clear -- but I wouldn't normally want to pass control of the user's session to another server.

    You're right, in that you do not want to do this with GET. In fact, you should never send anything sensitive in the URI, and should never use GET for something that might have side-effects. Modifications should be reserved for POST (or PUT or DELETE, but most servers don't implement it)

    Redirection in general is a tricky thing when you're trying to force someone to post. The HTTP spec specifically warns browser authors about how they're supposed to handle redirection.

    From what you're describing, I would probably have the user first go to a page for them to look over what it is that they're ordering, and on that page, populate a number of hidden fields, and have then click a subtly-disguised submit button that sends them to the alternate server in question.

    I still don't like giving them control, though. Perhaps set a TARGET on the form submit, so it comes up in another window, or something.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://468510]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others studying the Monastery: (None)
    As of 2024-07-21 12:58 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?

      No recent polls found

      Notices?
      erzuuli‥ 🛈The London Perl and Raku Workshop takes place on 26th Oct 2024. If your company depends on Perl, please consider sponsoring and/or attending.