Provide precise control over the attributes used in a redirect scenario [SPR-6796]

[spring-projects-issues]

Jon Harper opened SPR-6796 and commented

There needs to be a way to issue a redirect using the String type and to specify that there should be no exposing of the model to the view.

One use case:
HandlerInterceptors are commonly used to add data to the model. If the controller supports POST request and does a redirect (which is the most common case) then the data added by the handler interceptor gets appended to the redirect url. This is undesirable. See http://forum.springsource.org/showthread.php?t=84140.

Another use case:
The controller uses a session attribute. The GET inserts into the model (session). The POST accepts a SessionStatus and calls status.setComplete() and then does a redirect using "redirect:view". The model data is still appended to the end of the redirected URL. The programmer now has to accept the ModelMap and call clear() on it. This should really not be required. See http://forum.springsource.org/showthread.php?p=275392.

Therefore there needs to be a very simple way (i.e. view String prefix ) to do a redirect without exposing the model to the view. I see this as the default use case and the case of exposing the model as a less common use case.

Jon

---

Affects: 3.0 GA

Reference URL: http://forum.springsource.org/showthread.php?t=84140

Issue Links:

• Allow specifying which request attributes are included in RedirectView [SPR-1294] #5995 Allow specifying which request attributes are included in RedirectView ("duplicates")
• When a controller method redirect to any url, the framework automatically appends all the model attributes in url query string even if those attributes are stored in session. [SPR-8636] #13278 When a controller method redirect to any url, the framework automatically appends all the model attributes in url query string even if those attributes are stored in session. ("is duplicated by")
• When doing a redirect anything that is not org.springframework.beans.BeanUtils.isSimpleValueType silently gets left off of the redirect query string [SPR-5957] #10625 When doing a redirect anything that is not org.springframework.beans.BeanUtils.isSimpleValueType silently gets left off of the redirect query string

3 votes, 4 watchers

[spring-projects-issues]

Rossen Stoyanchev commented

We've addressed the concern for precise control over redirect attributes through a number of changes.

RedirectAttributes controller method argument

@RequestMapping methods can declare a RedirectAttributes arg and use it to add the exact attributes for a redirect. If the controller does redirect, the content of RedirectAttributes is used. If the controller doesn't redirect the "default" model is used.

Furthermore, in RequestMappingHandlerAdapter you can set ignoreDefaultModelOnRedirect=true to avoid use of the "default" model when any controller redirects. A controller then either has to use RedirectAttributes or not doing so means no attributes.

URI variable placeholders

A redirect URL can now contain URI variable placeholders. Any attributes used up to expand the placeholders are not appended as query params. Although this doesn't address the issue on its own, it helps and also could be combined with the exposeModelAttributes flag in RedirectView (see next section).

UriComponentsBuilder

The UriComponentsBuilder (#10641) now available provides an convenient way to prepare the redirect string in a chained method style including query param, encoding, etc. If this is your preferred approach, the 'exposeModelAttributes' flag in RedirectView can be used to turn off appending of query params entirely. It can be done globally by creating a simple subclass of UrlBasedViewResolver to always creates RedirectView with exposeModelAttributes set to false.

[spring-projects-issues]

Rossen Stoyanchev commented

Modified subject from "Introduce redirect prefix that doesn't expose model (needed for redirect after post)" to "Provide precise control over the attributes used in a redirect scenario" as the original description is bit more open to different approaches and also to reflect more accurately the actual changes included in the release.