Just started learning Slim3. Have been spending some time figuring out how to perform redirects with overriding original request type with no success.
I want the /origin route to perform the redirect to /dest route.
/origin route receives GET request performs validation and after success redirects with POST request to /dest uri route. Here is the screenshot. I think I am doing something dumb here:
$app->get('/origin', function($req,$res,$args)
{
$req= $req->withHeader('X-Http-Method-Override','POST');
return $res->withRedirect('/dest');
});
$app->post('/dest', function($req,$res,$args)
{
echo "this is destination page";
});
As noted in the comment, this is not possible as the request made by the browser is not in your control.
When you call ->withRedirect() you are sending a status code of 302 and a Location header to the HTTP client (web browser usually).
The web browser sees the 302 status code and then issues a new request to the URL in the Location header. The server has no control over this request and every web browser makes a GET request.
Now, if you want to redirect a POST request to another URL and keep the same POST method, then you can use the 307 status code with a Location header and the browser should do the right thing. Note that this code does not let you change a GET into a POST - it just keeps the same method as the original request for the followup redirection request.
Related
I'm using Slim PHP and want to redirect the user to /login if they are not logged in but try to access a page that requires a user to be logged in. When searching for how to build my middleware, I find variations of this code all over the place
class Auth{
public function requireLogin(Request $request, Response $response, $next){
if( !isLoggedIn() ) return $response->withRedirect('/login', 403);
return $next($request, $response);
}
}
for example in this SO answer and this Slim discourse answer.
The problem is that I can't get the combination of redirecting and HTTP 403 to work. From what I can tell, normal HTTP redirects are restricted to the HTTP codes 3xx. Indeed, the above code works fine when used with for example 302.
Am I missing something, or are all the answers that combine withRedirect and 403 "incorrect" (as in not causing an actual redirect of the users browser)?
If your application is an HTML website that's accessed using a web browser, then the browser will only redirect if the status code is a 3xx one.
If your application is an API that's accessed using an HTTP client then you have more leeway. For an API, you'd use a 403 or 401 status code to indicate that the request cannot be fulfilled without authorisation. You may also include a Location header to tell the client where to go to get authorisation, but of course it's up to the client if they follow up on that link.
I am using Laravel 5.3 and trying to redirect to a url with custom headers. But some how I am not getting the header value in redirected page or we can say header value is not getting sent while redirecting.
I am using this code:
return redirect()->route('frontend.seller.signup')->header('referal_code', $referal_code);
and For fetch Header value I use below code but I not recieve header value
$referal_code = Request::header('referal_code');
Please let me know if I'm doing something wrong.
When you set headers for your response (even redirect is a response), headers are send to the client's browser.
The browser will process the response and redirect the page to the new URL and make a new request to server, so as you can figure out, your previous custom headers will not be available in the new request.
You can send any var using with() function to target url:
redirect()->route('frontend.seller.signup')->with('referral_code', $referral_code);
And get the variable in your target function using session:
$referral_code = session('referral_code');
By the way you can get the referrer in each request without setting any parameter in the referrer, if this is helpful in your case:
$referer = $request->headers->get('referer');
I am trying to catch POST response send to me by external API.
The problem is that POST array is completely empty while I can check in firebug that browser recieved it but with codes 302 FOUND and second (with same body) with code 307 TEMPORARY REDIRECT:
Is there any way to grab this data inside my script or is this something wrong with server re-directions?
If you are using the CURL library, there are two options that help with your case:
curl_setopt($curl,CURLOPT_HEADER,1);
This returns the response header including the status code. You can see whether 302 is returned.
Or you can simply follow the redirect
curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
Edit: sorry just saw you were doing this on the client side.
If this is an AJAX call, you can get the status code in the raw XHR object.
How can I not download request's body?
Using CURLOPT_NOBODY it performs HEAD request not sending POST data.
Uing FOLLOWLOCATION=0 I make request+body+request+body.
Using FOLLOWLOCATION=1 it makes request+request+body if it redirects to url I need.
If it redirects to the page I don't need I make request+request+body+request+body
I need: Request ignoring body + request with body.
Something like 3rd option but with redirect to url I really need (that obviously I can't control).
I'm writing a very basic Facebook app, but I'm encountering an issue with cross-domain AJAX requests (using jQuery).
I've written a proxy page to make requests to the graph via cURL that I'm calling via AJAX. I can visit the page in the browser and see it has the correct output, but requesting the page via always causes jQuery to fire the error handler callback.
So I have two files:
Proxy, which does the cURL request
<?php
//Do some cURL requests, manipulate some data
//return it as JSON
print json_encode($data);
?>
The facebook canvas, which contains this AJAX call
$.getJSON("http://myDomain.com/proxy.php?get=stuff",
function(JSON)
{
alert("success");
})
.error(function(err)
{
alert("err");
});
Inspecting the call with Firebug shows it returns with HTTP code 200 OK, but the error handler is always fired, and no content is returned. This happens whether I set Content-Type: application/json or not.
I have written JSON-returning APIs in PHP before using AJAX and never had this trouble.
What could be causing the request to always trigger the error handler?
Recently I experienced the same issue and my problem was the fact that there was a domain difference between the webpage and the API, due to the SSL.
The web page got a HTTP address (http://myDomain.com) and the content I was requesting with JQuery was on the same domain but HTTPS protocol (https://myDomain.com). The browser (Chrome in this case) considered that the domains were differents (the first one with HTTP, the second one with HTTPS), just because of the protocol, and because the request response type was "application/json", the browser did not allowed it.
Basically, the request worked fine, but your browser did not allowed the response content.
I had to add a "Access-Control-Allow-Origin" header to make it work. If you're in the same case, have a look there: https://developer.mozilla.org/en/http_access_control.
I hope that'll help you, I got a headache myself.