Response.Redirect 与 POST 而不是 Get? [英] Response.Redirect with POST instead of Get?

问题描述

我们需要提交表单并保存一些数据，然后将用户重定向到异地页面，但在重定向时，我们需要使用 POST 而非 GET 来提交"表单.

We have the requirement to take a form submission and save some data, then redirect the user to a page offsite, but in redirecting, we need to "submit" a form with POST, not GET.

我希望有一种简单的方法来实现这一点，但我开始认为没有.我想我现在必须创建一个简单的其他页面，只有我想要的表单，重定向到它，填充表单变量，然后对仅调用 document.forms[0].submit();

I was hoping there was an easy way to accomplish this, but I'm starting to think there isn't. I think I must now create a simple other page, with just the form that I want, redirect to it, populate the form variables, then do a body.onload call to a script that merely calls document.forms[0].submit();

谁能告诉我是否有替代方案?我们可能需要在项目后期进行调整，这可能会变得有点复杂，所以如果有一个简单的方法，我们可以做到这一点，所有非其他页面都依赖，那就太棒了.

Can anyone tell me if there is an alternative? We might need to tweak this later in the project, and it might get sort of complicated, so if there was an easy we could do this all non-other page dependent that would be fantastic.

无论如何，感谢您的所有回复.

Anyway, thanks for any and all responses.

推荐答案

这样做需要了解 HTTP 重定向的工作原理.当您使用 Response.Redirect() 时，您将使用 HTTP 状态代码 302，它告诉浏览器下一步要去哪里.根据定义，浏览器将通过 GET 请求来实现，即使原始请求是 POST.

Doing this requires understanding how HTTP redirects work. When you use Response.Redirect(), you send a response (to the browser that made the request) with HTTP Status Code 302, which tells the browser where to go next. By definition, the browser will make that via a GET request, even if the original request was a POST.

另一种选择是使用 HTTP 状态代码 307，它指定浏览器应该以与原始请求相同的方式发出重定向请求，但以安全警告提示用户.要做到这一点，你可以这样写:

Another option is to use HTTP Status Code 307, which specifies that the browser should make the redirect request in the same way as the original request, but to prompt the user with a security warning. To do that, you would write something like this:

public void PageLoad(object sender, EventArgs e)
{
    // Process the post on your side   

    Response.Status = "307 Temporary Redirect";
    Response.AddHeader("Location", "http://example.com/page/to/post.to");
}

不幸的是，这并不总是有效.不同的浏览器以不同的方式实现这一点，因为它不是一个常见的状态代码.

Unfortunately, this won't always work. Different browsers implement this differently, since it is not a common status code.

唉，与 Opera 和 FireFox 开发人员不同，IE 开发人员从未阅读过规范，即使是最新、最安全的 IE7 也会将 POST 请求从域 A 重定向到域 B，而不会出现任何警告或确认对话框！Safari 还以一种有趣的方式运行，虽然它不会引发确认对话框并执行重定向，但它会丢弃 POST 数据，有效地将 307 重定向更改为更常见的 302.

Alas, unlike the Opera and FireFox developers, the IE developers have never read the spec, and even the latest, most secure IE7 will redirect the POST request from domain A to domain B without any warnings or confirmation dialogs! Safari also acts in an interesting manner, while it does not raise a confirmation dialog and performs the redirect, it throws away the POST data, effectively changing 307 redirect into the more common 302.

因此，据我所知，实现此类功能的唯一方法是使用 Javascript.我能想到两个选项:

So, as far as I know, the only way to implement something like this would be to use Javascript. There are two options I can think of off the top of my head:

1. 创建表单并将其 action 属性指向第三方服务器.然后，向提交按钮添加一个点击事件，该按钮首先使用数据向您的服务器执行 AJAX 请求，然后允许将表单提交给第三方服务器.
2. 创建表单以发布到您的服务器.提交表单后，向用户显示一个页面，其中包含一个表单，其中包含您要传递的所有数据，所有数据都隐藏在输入中.只需显示重定向..."之类的消息.然后，将一个 javascript 事件添加到将表单提交给第三方服务器的页面.

1. Create the form and have its action attribute point to the third-party server. Then, add a click event to the submit button that first executes an AJAX request to your server with the data, and then allows the form to be submitted to the third-party server.
2. Create the form to post to your server. When the form is submitted, show the user a page that has a form in it with all of the data you want to pass on, all in hidden inputs. Just show a message like "Redirecting...". Then, add a javascript event to the page that submits the form to the third-party server.

在这两者中，我会选择第二个，原因有二.首先，它比第一个更可靠，因为它不需要 Javascript 才能工作；对于那些没有启用它的人，您可以始终使隐藏表单的提交按钮可见，并指示他们在超过 5 秒时按下它.其次，您可以决定将哪些数据传输到第三方服务器；如果您使用 just process 表单，您将传递所有发布数据，这并不总是您想要的.307 解决方案也是如此，假设它适用于您的所有用户.

Of the two, I would choose the second, for two reasons. First, it is more reliable than the first because Javascript is not required for it to work; for those who don't have it enabled, you can always make the submit button for the hidden form visible, and instruct them to press it if it takes more than 5 seconds. Second, you can decide what data gets transmitted to the third-party server; if you use just process the form as it goes by, you will be passing along all of the post data, which is not always what you want. Same for the 307 solution, assuming it worked for all of your users.

希望这有帮助！

这篇关于Response.Redirect 与 POST 而不是 Get?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！