[whatwg] page refresh and resubmitting POST state
Mike Wilson
mikewse at hotmail.com
Sun May 24 09:41:13 PDT 2009
Kornel Lesinski wrote:
> Is it possible for HTML 5 spec to say that browsers may
> re-send PUT without asking?
It sounds like you are starting to agree with me that topics
like these could deserve a place in the HTML5 spec :-)
Aryeh Gregor wrote:
> On Sun, May 24, 2009 at 11:41 AM, Kornel Lesinski
> <kornel at geekhood.net> wrote:
> > You store the data on server side, and redirect to URL that
> > contains unique ID for this data.
> >
> > It's just a few lines in PHP (and similar solutions shuold
> > be possible in all web frameworks):
> >
> > $id = uniqid();
> > $_SESSION[$id] = $_POST;
> > header("Location: [.]/result.php?id=$id",false,303);
> >
> > and later:
> >
> > $_POST = $_SESSION[$_GET['id']];
> >
> > This works even for multiple submissions done in parallel
> > and it's pretty
> > secure and tamper-proof.
>
> That does seem like a pretty good solution. Perhaps Mike Wilson can
> point out the problems with it.
In an earlier mail I was referring to this solution as
"conversation id in URL", and yes, there are drawbacks
with this as well.
Best regards
Mike
More information about the whatwg
mailing list