POST doesn't solve a "security" problem. It maybe obfuscates the parameters for a layman but it doesn't encrypt them. Anyway ...
WORedirect uses HTTP status code 302 which makes the browser using GET. What
you need is HTTP status code 307.
So, write your own subclass of WOCompnentent with a setter method for the URL
to redirect:
public class MyRedirectComponent extends ERXComponent {
private String url;
public MyRedirectComponent(WOContext context) {
super(context);
}
public void appendToResponse(WOResponse aResponse, WOContext aContext) {
aResponse.setHeader(this.url, "location");
aResponse.setStatus(307);
}
public void setUrl(String url) {
this.url = url;
}
}
The method that submits your form should look like this:
public WOActionResults submitAction() {
MyRedirectComponent nextPage = (MyRedirectComponent)
pageWithName(your.app.components.MyRedirectComponent.class);
nextPage.setUrl("http://YOUR_REDIRECT_URL";);
return nextPage;
}
See
http://programmers.stackexchange.com/questions/99894/why-doesnt-http-have-post-redirect
C.U.CW
--
What are the three enemies of a programmer? Sunlight, oxygen, and the appalling
roar of the birds.
> On 30.06.2015, at 09:52, Butchi Reddy Velagala <[email protected]>
> wrote:
>
> Hi All,
>
> We have to pass some confidential information to the URL which configured in
> WORedirect. But WORedirect is accepting only query parameters (appended to
> the URL). So It is the security problem.
>
> So please let us know if there is any way to redirect to the URL with POST
> parameters or headers to hide them.
>
>
> Thanks in Advance,
> Butchi Reddy Velagala.
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Webobjects-dev mailing list ([email protected])
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/webobjects-dev/cw%40i4innovation.de
>
> This email sent to [email protected]
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com This email sent to [email protected]
