I have a void function that based on a conditional statement should redirect users to a different action.
public void MyFunction()
{
if (!condition)
{
Redirect(url);
}
...
...
}
Using redirect without a return statement doesn't seem to work. Is there a more suitable method for accomplishing this?
Response.Redirect("Some URL") or Server.Transfer("Some URL") can be used to redirect any web page
Response.Redirect("Some URL") should be used when to :
redirect the request to some plain HTML pages on our
server or to some other web server
not to care about causing additional roundtrips to the server on each request
not need to preserve Query String and Form Variables from the original request
to be able to see the new redirected URL where he is
redirected in his browser (and be able to bookmark it if its
necessary)
Server.Transfer("Some URL") should be used when to:
transfer current page request to another .aspx page on the
same server
preserve server resources and avoid the
unnecessary roundtrips to the server
preserve Query String and Form Variables (optionally) we don't need to show the real URL
where we redirected the request in the users Web Browser
try this
public IActionResult MyFunction()
{
if (!condition)
{
return Redirect(url);
}
...
...
}
About IActionResult
Actions can return anything, but frequently return an instance of
IActionResult (or Task for async methods) that produces
a response. The action method is responsible for choosing what kind of
response. The action result does the responding.
from https://learn.microsoft.com/en-us/aspnet/core/mvc/controllers/actions
You may get more information about action methods at above link
Related
I have a thymeleaf signup form, which if we submit then a controller at "/signup_do" is called which validates and saves the user to database:
<form action="/signup_do" method="post">
...
</form>
The controller at "/signup_do" passes the request to the accountRegistration service method, which does the validation:
#PostMapping("/signup_do")
public String register(Account account, HttpSession session) {
session.setAttribute("accountToRegister", account);
accountManagement.accountRegistration(account);
return "Success";
}
The account registration method can throw an exception SignupFormException, which is handled by the #ExceptionHandler defined in that controller class:
#ExceptionHandler(value=SignupFormException.class)
public String handle(HttpSession session, Model response) {
Account returnDataToForm = (Account) session.getAttribute("accountToRegister");
response.addAttribute("name", returnDataToForm.getFirstName());
session.invalidate();
return "signup";
}
Now the problem is that when exception occurs, the inputs entered in the form is passed back to the signup form, and the entered data remains intact, but the url still remains as /signup_do.
I have tried using return "redirect:/signup" instead, which does change the url, but it ends up making a get request to the /signup url like
/signup?name=John...
but my /signup controller is not designed to handle a get request, it just knows to display the form, so the information is lost.
#GetMapping("/signup")
public String signupPage() {return "signup";}
I also tried using forward:/signup, but that just ended up throwing 405 error.
I figured out a clean workaround a few hours after asking this question.
What I did is change the name of the controller that handles the signup process to ("/signup") as well. Since the controller that displays the page is a #GetMapping("/signup") and the one that handles the signup process is a #PostMapping("/signup") there is no clash.
Now even if the controller changes, the url remains the same, since both of them are signup...
#GetMapping("/signup")
public String signupPage() {return "signup";}
#PostMapping("/signup")
public String register(Account account, HttpSession session) {
session.setAttribute("accountToRegister", account);
accountManagement.accountRegistration(account);
return "success";
}
And this works just like I wanted!!
Redirecting will make a get request to the controller looking for the view to display, which in your situation means losing your data for the reasons you give. I can think of two workarounds:
Don't do the redirect and change the URL manually with javascript everytime you enter this view. If you dislike having a "wrong" URL in a view, editing it manually looks the most reasonable and direct approach. You can see how to do this here, including it in a script that executes everytime the page loads/the submit button is pressed.
Do the redirect and avoid losing your info by storing it in the session for a while longer, accessing it in thymeleaf in this way, instead of getting it from a model attribute. This would mean you would have to be careful to remove this session attributes later. It's also not very "clean" that your get request for the form view includes the user info, so I wouldn't go with this solution if avoidable.
I am using AuthorizeAttribute to ensure that my controller actions aren't ran when the current user is unauthorized. This works great for GET requests. If the user is not authorized then they are redirected to the login view.
However, this does not work for POST requests as the browser isn't expecting to be redirected during a POST.
The generally agreed upon solution to this is to disallow users from reaching portions of the application which generate POST requests without first being authorized. While this logic makes sense, I don't think it encompasses all real world scenarios.
Consider having the web application open in two tabs. The user is signed in and authorized in both tabs and is viewing content which, when clicked, could initiate a POST request. The user then signs out of one tab and is taken back to the login page. The other tab is unaware that this event has occurred. The user then initiates a POST request from this second tab.
How can I gracefully redirect them to the login page in this scenario?
I believe you are incorrect. I have a custom blog (that still needs a ton of work) which I use the [Authorize] attribute on the Admin controller. This controller handles blog post.
I tested your scenario of:
Opening up two browser screens on my post screen
logging out in the first tab
Attempting to post on the second tab
when it tried to post it redirected me to the login screen.
[Authorize]
public class AdminController : BaseController
{
public ActionResult Post(int? id)
{
if (id != null)
{
var blogPost = _blogService.RequestPost((int)id);
var blogPostViewModel = _blogPostViewModelMapper.CreateViewModel(blogPost);
return View(blogPostViewModel);
}
return View();
}
//
// POST: /Post/
[HttpPost]
public ActionResult Post(BlogPostViewModel blogPost)
{
var stringTags = blogPost.Tags.Split(',');
var tagIds = _blogTagMapper.MapStringsToIds(stringTags);
blogPost.TagIds = tagIds;
_blogService.SaveBlogPost(BlogPostlMapper.CreateEntity(blogPost));
return RedirectToAction("Index", "Home");
}
}
So I'm creating a asp.NET MVC3 application and want to apply single page application functionality to parts of the application. I think the easiest way to explain is with an example:
The app consists of an admin area and a public area and is built using ordinary link-structure. I want to convert the admin area to an single page application reusing view and models from the existing application. Is it possible to do this and in that case how?
You have to face two main problems, which makes the difference between SPA and standard application:
Links: In standard application, each link redirects you to a different page.
Forms: When a form is been submitted, a request is been issued with the HTTP method you've specified in the post (usually POST) and it contains in the payload the data the user has entered.
In order to solve that problems, you have to take action both in client-side and server-side.
For explaining propose, lets take the following code:
HomeController.cs:
public class HomeController : Controller {
public ActionResult Index() {
return View();
}
public ActionResult Contact() {
return View(new ContactUsViewModel());
}
[HttpPost]
[ValidateAntiForgeryToken]
public ActionResult Contact(ContactUsViewModel model) {
if (ModelState.IsValid) {
/* Send mail / Save in DB etc. */
return Redirect("Index");
}
return View(model);
}
}
Index.cshtml:
<p>This is a simple page.</p>
<p>#Html.ActionLink("Click here to contact us", "Contact")
Client-Side:
We should fix up linking between pages, as well as forms submittions.
Links: You can wire up an event in JS (jQuery if you'd like) that'll observe for each link click in the areas you'd like to apply on SPA - then, instead of redirecting the user - you'll load the content via AJAX.
For instance, take a look at this sample:
$("a").click(function(e) {
e.preventDefault(); // Disable standard redirecting
var href = $(e.currentTarget).attr("href");
$.get(href, function(responseText) {
$("#main-content-wrapper").html(responseText);
});
});
Forms: Just like in the approch we've used for links, we can wire up an observer to the form submit event in JS and then transfer the data using AJAX.
For instance:
$("form").submit(function(e) {
e.preventDefault(); // Disable standard submittion
var data = $(e.currentTarget).serialize(); // Serializing the form data
var method = $(e.currentTarget).attr("method");
if (typeof (method) == "undefined") { method = "POST"; }
$.ajax({
method: $(e.currentTarget).attr("method"),
parameters: data,
statusCodes: {
404: function() { /* Handle it somehow */ }
403: function() { /* Handle it... */ }
200: function(response) {
/* Since we've done a form submittion, usurally if we're getting standard OK (200) status code - we've transffered a data - such as JSON data - indicating if the request success or we got errors etc. The code you're writing here depends on how your current application works. */
},
});
});
Server-Side:
Since you don't wish to break your current application logic - you have to still be able to use standard ASP.NET MVC methods - such as View(), Redirect() and so on.
In this case, I recommend to create your own custom base Controller class - which will override ASP.NET basic implementation.
For instance, this is a starting point:
public class MyController : System.Web.Mvc.Controller {
public override View(string viewName) {
if (Request.IsAjaxRequest()) {
return PartialView(viewName); // If this is an AJAX request, we must return a PartialView.
}
return base.View(viewName);
}
}
Few things you have to keep in mind:
You have to somehow distinguish between standard requests and AJAX requests - the way I've used with Request.IsAjaxRequest() is a great way to do so.
Many times when you're handling a form, In the form submittion action, after you finish with the form logic, you're using Redirect() to redirect the user to another page. As you may have guessed, you can't take this approch when developing SPA. However, I can think of few solutions for this problem:
You can create a status handler in the JS code so when redirecting is been issued by the server - you can load the content via AJAX / display a message and so on.
You can override Redirect() and add a specific logic to perform in case of redirection when the request was done by AJAX - for instance, you can request from ASP.NET to perform the action that you're going to be transfered into and then return its content etc.
You can decide that although its an SPA app - when a redirect was issued - you allows the server to perform this redirection.
As you can see - there're many approches you can take, and they depends on the way you've developed your site, how you wish it to work and what is the basic rules you're defining (e.g. "No redirection is permitted never - even after submitting a form", "After form submittion - always in case that the operation success - I'm displaying a message or performing other JS action. Because of that, I can override Redirect() and if this is an AJAX request I can return a JSON object." etc.)
I got an action List
//[HttpGet] (will come back to that!)
public ViewResult List(int page = 1)
{
//blah blah blah
return View(viewModel);
}
In its view we render action:
#{
Html.RenderAction("UpdateSearch");
}
Action definitions:
[ChildActionOnly]
[HttpGet]
public PartialViewResult UpdateSearch()
{
// do something and display a form in view
return PartialView(so);
}
[HttpPost]
public RedirectToRouteResult UpdateSearch(Options searchOptions)
{
// do something and redirect to List
return RedirectToAction("List");
}
and I'm getting: Child actions are not allowed to perform redirect actions exception every time someone submits the form. I'm new to MVC3, but it looks like the redirection is also a POST, because if [HttpGet] above List method is uncommented "the resource cannot be found" happens.
How do I change Http method on redirection or am I doing something wrong? I did try to Bing it, but no success.
The redirect info is stored in response header. However, the response is already being sent when child action is run so headers can't be written.
In short, there's no way of performing a redirect from child action other than through the use of javascript on client side.
I have an application which uses Spring 3. I have a view resolver which builds my views based on a String. So in my controllers I have methods like this one.
#RequestMapping(...)
public String method(){
//Some proccessing
return "tiles:tileName"
}
I need to return a RedirectView to solve the duplicate submission due to updating the page in the browser, so I have thought to use Spring redirect: prefix. The problem is that it only redirects when I user a URL alter the prefix (not with a name a resolver can understand). I wanted to do something like this:
#RequestMapping(...)
public String method(){
//Some proccessing
return "redirect:tiles:tileName"
}
Is there any way to use RedirectView with the String (the resolvable view name) I get from the every controller method?
Thanks
the call prefixed by redirect: is a url, which is sent in a standard browser 302 redirect. you can't redirect to a view, because a view isn't a url. instead you'll need a new servelet mapping to a 'success' view and then redirect to that instead
#RequestMapping("processing.htm")
public String method(){
//Some proccessing
return "redirect:success.htm"
}
#RequestMapping("success.htm")
public String method(){
return "tiles:tileName"
}
this case works fine when you just need to show a 'thank you' page, which requires no specific data from the processing stage. however, if your success page needs to show some information from the processing, there are 2 ways to do it.
1) pass the information in the url as a get post ("redirect:success.htm?message=hi"). this is incredibly hackable, and thus highly unrecommended.
2) the better way is to store information in the http session, using #SessionAttributes and #ModelAttribute