473,396 Members | 2,029 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,396 software developers and data experts.

How to simulate post method while redirecting to new URL?

Hi Coders,
I have to redirect from my server to the different server page by simulating the POST method submit from the Controller file, I tried using post_via_redirect, but could not succeed... though redirect_to just redirects to given URL, I need to pass parameters using POST.
Rails 1.2.3,
ruby 1.8.6 (2007-03-13 patchlevel 0) [i686-linux]
Linux 2.6.9-42 box.

I used the following code in the action method:
post_via_redirect("http://some_site:8080/login.xhtml",{:userName => 'login_id', :password => 'some_password'})
which failed to redirect and asking for the file template with the action name.

if I use redirect_to ("http://some_site:8080/login.xhtml") it will take me to login page, which I dont want, I should directly login without entering username and password.

If I call this page using HTML form Submit (POST method with username and password) it directly logs into the system.
Expand|Select|Wrap|Line Numbers
  1.   <form method=post action="http://some_site:8080/login.xhtml">
  2.   <input type="hidden" id="userName" name="userName" value="login_id" >
  3.   <br>
  4.   <input type="hidden" id="password" name="password" value="some_password" > 
  5.   <br>
  6.   <input type="submit" value="submit">
Scenario explained in detail :
I have to click on the button in my home page, which calls a Controler/action
in that action, I need to redirect to new url (ex: http://new_site:8080/login)
while redirecting, I need to post the username and password as a POST arguments and NOT in the URL (get method).

If there are any Sample code, it will be very helpful.

Sep 12 '08 #1
6 29708
303 Expert 100+
I've never tried to do that before, so my only thought is to try
Expand|Select|Wrap|Line Numbers
  1. redirect_to("http://some_site:8080/login.xhtml?userName=login_id&password=some_password)
Sep 12 '08 #2
I've never tried to do that before, so my only thought is to try
Expand|Select|Wrap|Line Numbers
  1. redirect_to("http://some_site:8080/login.xhtml?userName=login_id&password=some_password)
Thanks for replying, but as you can see, sending username and password is security prone, and which is not the desired solution, we need to hide the username and password from displaying it in the firebug and sort of it(which displays the entire GET parameters in the URL).

And the other server code (which is maintained by others) works only for POST method, and GET method from URL is not handled.

If you have any other solution, that would be a great helpful.
Sep 15 '08 #3
I got a round about solution for that, I created a rhtml page in the name of action, and added the FORM with method=post, and generated the html, at the end of the form, I used the script to submit the form, this works very quick (though I have added a Loading... icon in the div to avoid seeing the blank page just in case).

File: app/controllers/my_redirect_controler.rb
Expand|Select|Wrap|Line Numbers
  1. ...
  2. def redirect_post
  3. end
  4. ...
Inside app/views/my_redirect/redirect_post.rhtml
Expand|Select|Wrap|Line Numbers
  1. <html>
  2. <body>
  3. <form method=post action="http://some_site:8080/login.xhtml" id='my_form'>
  4. <input type="hidden" id="userName" name="userName" value="login_id" >
  5. <input type="hidden" id="password" name="password" value="some_password" >
  6. </form>
  7.   <script>
  8.     document.getElementById("my_form").submit()
  9.   </script>
  10.  </body>
  11. </html>
So, now from the index page if I have a link which links to the action->controller
Expand|Select|Wrap|Line Numbers
  1. <%= link_to( image_tag("Redirect.gif"), {:controller=>'my_redirect', :action => "redirect_post"})%>
This will solve me the problem I was facing.

Sep 17 '08 #4
303 Expert 100+
That sounds like that should work. Alternatively, could you put the form on the index page, so when you click the link, it submits the form instead of redirecting? That might save you the redirect page and you wouldn't have to use javascript.
Sep 17 '08 #5
I think that this is still a security hole, big enough to build a highway through...
You are still sending the username & password to the user's computer and posting it from there then.
If the user doesn't have JS activated, the form will never be posted, so she will be able to look in the source and see the response there. (or with JS enabled even more easier, simply click on the request in firebug and see the post values there). By the way: the same is true for search engines...
Oct 8 '08 #6
14,534 Expert Mod 8TB
This thread is closed to posting due to repeated spamming.
Oct 7 '10 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

by: mickbw | last post by:
I am unable to display PHP pages generated by a submission of a form using a POST method. To illustrate this, I created a very simple form called TestForm.php . <!DOCTYPE html PUBLIC...
by: Thomas Scheiderich | last post by:
I am trying to understand Session variables and ran into a question on how they work with data that is passed. I have an HTM file that calls an ASP file and sends the name either by GET or POST....
by: Asp Help | last post by:
I'm working on a ASP applicatition to create Windows 2000 users. Because I don't want everybody to have access to the site I've changed te security in IIS 5.0 which runs on a windows 2000 Sp4...
by: Eric | last post by:
I am certain the answer will be 'NO', but I wanted to ask anyway just incase I have missed something. Everyone knows that one pass data to a page in an anchor tag by using the GET Method: <a...
by: VB Programmer | last post by:
Can someone provide a simple explanation on the difference between the GET and POST methods? What are the adv/disadv of both and when should I use them? Thanks.
by: WJ | last post by:
I have an Asp.Net page that redirects the user to another page with a piece of data to be passed. Below is the c# instruction: Response.Redirect("mySpecialPage.aspx?go1="+strGoName); This will...
by: Vishal | last post by:
Hello, I already asked this question in the ASP.NET forums, but no help came. So I am hoping that somebody can help me out. This is really very URGENT me. For my e-commerce application, I...
by: Ricardo Magalhaes | last post by:
Hi, I have an ASPX page and I need to call an ASP page sending parameters like Name, Adress, ie. using POST method. This next ASP page show payment informations.. If was from an ASP to...
by: Bob Bedford | last post by:
Hi all, I've to accept a file that is sent using a POST method. The file will be sent using this URL: http://username:pass@www.mysite.com/upload.php How can I retrieve the username and...
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.