Tutorial :How are server side errors handled in Post/Redirect/Get pattern?



Question:

For the successful use case, the Post/Redirect/Get (PRG) work flow is pretty simple: simply redirect (client-side) to the desired page. But what about cases when errors are encountered during server-side validation and we want to preserve the inputs when we display the input page again?

As far as I can tell, there are two approaches: simply re-render the input page after the form POST submission (i.e. no redirection) during errors (thus disregarding the PRG pattern); or, redirect to the input page, and store the previous inputs somewhere it can be retrieved later (e.g. session), during rendering. Both have drawbacks: in the first, we are presented with the problems PRG pattern helps us to avoid (e.g. bookmarkability, double submission); the second approach leads to inconsistent GETs (first GET will find the stored inputs, subsequent GETs might not). Are there other alternatives to those mentioned here? I am hoping for inputs from the community on how this case is best handled.


Solution:1

I typically do it the first way you describeâ€"redirect only in the event of a successful submission. It's hard to see a real use case for bookmarking a form containing invalid data; on the other hand it often makes sense to bookmark a confirmation page (after successful submit).


Solution:2

If the URL being used to fill out the form is the one the form POSTs to, I don't think there's an issue. If the input is valid, Redirect and GET. If it's invalid, redisplay the filled-in form. This way, the interaction looks like:

GET  /your-url => blank form  POST /your-url (success) => Redirect => GET /success-url  POST /your-url (failure) => filled-in form  


Solution:3

The mentioned bookmarkability issue is affecting both approaches, you cannot really bookmark something that relies on some temporary data preserved on the server.

And the double-submission is not really a problem if you ensure that if the validation fails, you don't save any data (i.e. every submission with failed data is idempotent request).

So PRG only on success is a very clean approach.


Solution:4

Like the other answers say, only use Post/Redirect/Get pattern on successful server-side validation. When a form is invalid, just respond to the response directly, with error messages.

For usability, you should make sure that client-side validation is excellent, this is a good idea any way, as users like immediate feedback. Use Javascript, or the new HTML5 form features, such as the required attribute or the maxlength attribute or type="email" attribute and so on.

Of course, you should still have server-side validation for security, and for graceful degradation.


Solution:5

If you are using ASP.NET MVC then there is another method that can be used for the Post -> failure situation. It is covered in #13 of this article: ASP.NET MVC Best Practices (Part 1).

If you implement that method then you can always redirect after a post, even if the post resulted in a failure.


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »