Welcome Guest, Not a member yet? Register   Sign In
HTTPS redirect with parameter refresh
#1

[eluser]Gabriel Labrecque[/eluser]
I've recently encountered an issue when redirecting from an HTTPS page with:
Code:
redirect($some_url, 'refresh')

I am using the POST/Redirect/GET (PRG) pattern to avoid forms from being posted twice.

A few weeks ago, I noticed that the pattern stopped to work. Even with PRG, pressing refresh or the back button triggered a second form post. It seems to have been caused by the addition of HTTPS.

I found that removing the 'refresh' parameter fixed the problem.

I looked at the definition of the redirect function in url_helper.php and found that the function doesn't treat http and https the same way. Using redirect($some_url, 'refresh') from an http page will simply use the site_url function whereas using it from an https page will call a header("Refresh:0;url=...);

Does anybody know why the function redirect was programmed this way? Why should http and https be treated differently when redirecting?
#2

[eluser]Unknown[/eluser]
This is interesting, I'm experiencing this too (still on 1.7.3) and I can't find anything elsewhere about this issue.




Theme © iAndrew 2016 - Forum software by © MyBB