Skip to content

AJAX redirection tunneled through 200 OK

Jump to bottom Edit New page
Ronald Chan edited this page Mar 8, 2012 · 1 revision

Redirection is handled by the browser without informing the source of the AJAX request. This is problematic in that the new URL location is not known.

When a user submits a form to a URL - for example, POST to /objects/, the new object might be created, and the user redirected to /objects/45.

The user expects to see the new URL in the browser address bar. Therefore, if the request is an AJAX request (request.xhr?), and it has a querystring parameter declaring the pagination name, those redirects with status code 302 are converted to a status code of 200. The Location header is left there. The client-side code can detect the extra Location header, and treat it as a redirect by making another AJAX request, and updating the URL in the address bar.

This decision was made because a 20x response must be made, in any case. It was decided not to convert all 30x responses (only converting 302 status codes), because the rails redirect_to method uses a 302 status code by default. The 200 status code was chosen, because other 20x codes may have other meanings. Additionally, the 200 status code does not already use the Location header, which is advantageous for detection of its presence.

It may also be problematic to choose an undefined status code as a custom status code, since browsers/proxies may not forward them properly.

Add a custom footer
Add a custom sidebar
Clone this wiki locally