Redirecting users from edit page back to calling page

Question

I am working on a project management web application. The user has a variety of ways to display a list of tasks. When viewing a list page, they click on task and are redirected to the task edit page.

Since they are coming from a variety of ways, I am just curious as to the best way to redirect the user back to the calling page. I have some ideas, but would like to get other developers input.

Would you store the calling url in session? as a cookie? I like the concept of using an object handle the redirection.

Answer 1

I personally would store the required redirection info in an object and handle globally. I would avoid using a QueryString param or the like since they could try bouncing themselves back to a page they are not supposed to (possible security issue?). You could then create a static method to handle the redirection object, which could read the information and act accordingly. This encapsulates your redirection process within one page.

Using an object also means you can later extend it if requried (such as adding return mesages and other info).

For example (this is a 2 minute rough guideline BTW!):

public partial class _Default : System.Web.UI.Page 
{

    void Redirect(string url, string messsage)
    {
        RedirectionParams paras = new RedirectionParams(url, messsage);
        RedirectionHandler(paras); // pass to some global method (or this could BE the global method)
    }
    protected void Button1_Click(object sender, EventArgs e)
    {
        Redirect("mypage.aspx", "you have been redirected");
    }
}

public class RedirectionParams
{
    private string _url;

    public string URL
    {
        get { return _url; }
        set { _url = value; }
    }

    private string _message;

    public string Message
    {
        get { return _message; }
        set { _message = value; }
    }

    public RedirectionParams(string url, string message)
    {
        this.URL = url;
        this.Message = message;
    }
}

Answer 2

I would store the referring URL using the ViewState. Storing this outside the scope of the page (i.e. in the Session state or cookie) may cause problems if more than one browser window is open.

The example below validates that the page was called internally (i.e. not requested directly) and bounces back to the referring page after the user submits their response.

public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Request.UrlReferrer == null)
        {
            //Handle the case where the page is requested directly
            throw new Exception("This page has been called without a referring page");
        }

        if (!IsPostBack)
        {   
            ReturnUrl = Request.UrlReferrer.PathAndQuery;
        }
    }

    public string ReturnUrl
    {
        get { return ViewState["returnUrl"].ToString();  }
        set { ViewState["returnUrl"] = value; }
    }

    protected void btn_Click(object sender, EventArgs e)
    {
        //Do what you need to do to save the page
        //...

        //Go back to calling page
        Response.Redirect(ReturnUrl, true);
    }
}

Answer 3

This message my be tagged asp.net but I think it is a platform independent issue that pains all new web developers as they seek a 'clean' way to do this.

I think the two options in achieving this are:

1. A param in the url
2. A url stored in the session

I don't like the url method, it is a bit messy, and you have to remember to include the param in every relevent URL.

I'd just use an object with static methods for this. The object would wrap around the session item you use to store redirect URLS.

The methods would probably be as follows (all public static):

• setRedirectUrl(string URL)
• doRedirect(string defaultURL)

setRedirectUrl would be called in any action that produces links / forms which need to redirect to a given url. So say you had a projects view action that generates a list of projects, each with tasks that can be performed on them (e.g. delete, edit) you would call RedirectClass.setRedirectUrl("/project/view-all") in the code for this action.

Then lets say the user clicks delete, they need to be redirected to the view page after a delete action, so in the delete action you would call RedirectClass.setRedirectUrl("/project/view-all"). This method would look to see if the redirect variable was set in the session. If so redirect to that URL. If not, redirect to the default url (the string passed to the setRedirectUrl method).

Answer 4

I agree with "rmbarnes.myopenid.com" regarding this issue as being platform independent.

I would store the calling page URL in the QueryString or in a hidden field (for example in ViewState for ASP.NET). If you will store it outside of the page scope (such as Session, global variable - Application State and so on) then it will not be just overkill as Tom said but it will bring you trouble.

What kind of trouble? Trouble if the user has more than one tab (window) of that browser open. The tabs (or windows) of the same browser will probably share the same session and the redirection will not be the one expected and all the user will feel is that it is a bug.

My 2 eurocents..