views:

5483

answers:

6

I have an application that supplies long list of parameters to a web page, so I have to use POST instead of GET. The problem is that when page gets displayed and user clicks the Back button, Firefox shows up a warning:

To display this page, Firefox must send information that will repeat any action (such as a search or order confirmation) that was performed earlier.

Since application is built in such way that going Back is a quite common operation, this is really annoying to end users.

Basically, I would like to do it the way this page does:

http://www.pikanya.net/testcache/

Enter something, submit, and click Back button. No warning, it just goes back.

Googling I found out that this might be a bug in Firefox 3, but I'd like to somehow get this behavior even after they "fix" it.

I guess it could be doable with some HTTP headers, but which exactly?

+2  A: 

One way to avoid that warning/behavior is to do the POST via AJAX, then send the user to another page (or not) separately.

Sparr
Yes, that's my backup plan. But, BACK button does not work with AJAX, so I'll have to implement my own "back handler" in such case, which I want to avoid.
Milan Babuškov
+6  A: 

One way round it is to redirect the POST to a page which redirects to a GET - see Post/Redirect/Get on wikipedia.

Say your POST is 4K of form data. Presumably your server does something with that data rather than just displaying it once and throwing it away, such as saving it in a database. Keep doing that, or if it's a huge search form create a temporary copy of it in a database that gets purged after a few days or on a LRU basis when a space limit is used. Now create a representation of the data which can be accessed using GET. If it's temporary, generate an ID for it and use that as the URL; if it's a permanent set of data it probably has an ID or something that can be used for the URL. At the worst case, an algorithm like tiny url uses can collapse a big URL to a much smaller one. Redirect the POST to GET the representation of the data.


As a historical note, this technique was established practice in 1995.

Pete Kirkham
But how? Input data is over 4kB and page output depends on it.
Milan Babuškov
Looks like I'll have to do it this way, unless there's some trick with the cache.
Milan Babuškov
don't use any tricks and do it exactly the way Pete suggested. what I like about his solution is that it follows simple REST principles.
lubos hasko
+13  A: 

See my golden rule of web programming here:

http://stackoverflow.com/questions/638494/stop-data-inserting-into-a-database-twice/638506#638506

It says: “Never ever respond with a body to a POST-request. Always do the work, and then respond with a Location: header to redirect to the updated page so that browser requests it with GET”

If browser ever asks user about re-POST, your web app is broken. User should not ever see this question.

Ilya Birman
To produce the web page I need to supply about 4k of input. I cannot do that with GET. There is no "work" to be done, the output itself depends on the parameters given. The only think I can think of is to store that 4k of data in PHP session and retrieve it in the GET request, but if user has...
Milan Babuškov
...tabs open of my application, that would not work.
Milan Babuškov
It seems Amazon don't follow this golden rule
Chris S
Milan, just store your 4k in temp file and redirect to a page which will show data from it.Chris, huge number of websites are stupid, including the popular ones. That’s not a good excuse to make more stupid sites :-)
Ilya Birman
I'd say your "golden rule" is a bit simplified. If a POST doesn't succeed, there shouldn't be a redirect. Only after the request can be processed. The concept is also known as PRG or "redirect after post".
troelskn
If your script suddenly lost db connection and it can do nothing but display error message, including the data user has POSTed and a warning that it’s the last chance for user to copy his/her data, then yes, you’ll have to break the “golden rule”.
Ilya Birman
But this is not a normal scenario, which we are talking about here, it’s rather a recover plan for already failing application.
Ilya Birman
+1  A: 

I have an application that supplies long list of parameters to a web page, so I have to use POST instead of GET. The problem is that when page gets displayed and user clicks the Back button, Firefox shows up a warning:

Your reasoning is wrong. If the request is without side effects, it should be GET. If it has side effects, it should be POST. The choice should not be based on the number of parameters you need to pass.

troelskn
There are no side effect, but parameters are 4kB. In case you did not know, GET has a limit of 1024 bytes.
Milan Babuškov
What kind of parameters is it that takes up that much space? Can you perhaps explain the context of your application a bit further?
troelskn
A: 

Guys how do you fix the problem?

sfgsadfg
Store the data in user's session using some unique key (we use autoincrement value) and redirect to another page so that it becomes a GET request. Using something like header('Location: /loadpage.php?id=23747');in PHP
Milan Babuškov
A: 

to provide this msg "To display this page, Firefox must send information that will repeat any action (such as a search or order confirmation) that was performed earlier." remove this from your htm form "enctype="multipart/form-data" ";)

Ahmad