Skip to content

Should we do 303 redirects upon form submit? #1433

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Arkounay opened this issue Oct 10, 2023 · 3 comments
Closed

Should we do 303 redirects upon form submit? #1433

Arkounay opened this issue Oct 10, 2023 · 3 comments

Comments

@Arkounay
Copy link
Contributor

Arkounay commented Oct 10, 2023
edited
Loading

If I create a CRUD with php bin/console make:crud, when a form is submitted there will be a 303 redirection:

return $this->redirectToRoute('app_post_index', [], Response::HTTP_SEE_OTHER);

in symfony-demo, it's the default redirection (which is 302) that is used:

demo/src/Controller/Admin/BlogController.php

Line 110 in 7e6cc8f

return $this->redirectToRoute('admin_post_index');

303 seems like a better practice:

The HyperText Transfer Protocol (HTTP) 303 See Other redirect status response code indicates that the redirects don't link to the requested resource itself, but to another page (such as a confirmation page, a representation of a real-world object — see HTTP range-14 — or an upload-progress page). This response code is often sent back as a result of PUT or POST. The method used to display this redirected page is always GET.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/303

While it seems 302 is recommended only for GET or HEAD methods:

The HyperText Transfer Protocol (HTTP) 302 Found redirect status response code indicates that the resource requested has been temporarily moved to the URL given by the Location header. A browser redirects to this page but search engines don't update their links to the resource (in 'SEO-speak', it is said that the 'link-juice' is not sent to the new URL).

Even if the specification requires the method (and the body) not to be altered when the redirection is performed, not all user-agents conform here - you can still find this type of bugged software out there. It is therefore recommended to set the 302 code only as a response for GET or HEAD methods and to use 307 Temporary Redirect instead, as the method change is explicitly prohibited in that case.

In the cases where you want the method used to be changed to GET, use 303 See Other instead. This is useful when you want to give a response to a PUT method that is not the uploaded resource but a confirmation message such as: 'you successfully uploaded XYZ'.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/302

It's not super important but is it a better practice to use 303? Should the code be changed to reflect that?
@javiereguiluz
Copy link
Member

@Arkounay sorry for the late reply. Thanks for creating this detailed issue. Yes, I think it would make sense to do this change. Would you have some time to create a Pull Request with this change? If you don't have time for it, we'll ask others in the community to contribute this. Thanks.

@Arkounay
Copy link
Contributor Author

Arkounay commented Nov 2, 2023

@javiereguiluz No problem thanks for the reply, yes I can create a pull request next week 👍

Arkounay added a commit to Arkounay/symfony-demo that referenced this issue Nov 6, 2023
@Arkounay
303 redirections symfony#1433
bc55637
@Arkounay Arkounay mentioned this issue Nov 6, 2023
Merged
javiereguiluz added a commit to javiereguiluz/demo that referenced this issue Nov 8, 2023
@javiereguiluz
feature symfony#1448 303 redirections (Arkounay)
701f9d0 
This PR was merged into the main branch.

Discussion
----------

303 redirections

This PR provides 303 redirections, see issue symfony#1433

Commits
-------

bc55637 303 redirections symfony#1433
@javiereguiluz
Copy link
Member

Closing as fixed in #1448.

muqeetsyed pushed a commit to muqeetsyed/docker-symfony that referenced this issue Dec 26, 2024
@Arkounay
303 redirections symfony/demo#1433
31412bc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@javiereguiluz @Arkounay