Am Dienstag, 5. April 2016 18:42:03 UTC+2 schrieb Stuart Dodds: > > However, once the validation has passed, I am not sure how to then issue > the original POST request to the external site as well as redirecting the > user along with the request. Is there a way I can do this? >
1) You could send a HTTP 307 redirect to your user with the URL of the external site; since all data from the form will be re-send by the browser, the external site will also receive the captcha info - which may or may not cause problems. 2) Depending on the external site you could also make the POST request to the external site yourself and forward the response to your user; obviously that will not work if the external site requires a cookie or some other authentication from the user or if there are additional interactions to be performed by the user after receiving the result. If the external site responds to the POST request with a GET redirect you can send your user there by re-using the URL for your own HTTP 303 redirect. 3) A more fragile approach would be you returning a page with the verified and cleaned-up data in a HTML form plus some JavaScript to automatically submit that form to the external site once it loads in the browser of your user. Of course, since with solutions 1 and 3 the data exchange happens directly between your user and the external site any validation and sanitation you perform is essentially moot since thereĀ“s nothing preventing a malicious user from tinkering with it even after it was checked by you. HTH - Heiko -- You received this message because you are subscribed to the Google Groups "Mojolicious" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/mojolicious. For more options, visit https://groups.google.com/d/optout.
