On Fri, Aug 28, 2009 at 10:39 AM, Ashley Sheridan
<a...@ashleysheridan.co.uk>wrote:

> On Fri, 2009-08-28 at 10:34 -0300, Martin Scotta wrote:
> > Actually there aren't a safe way to make a redirect....
> >
> > We have 4 alternatives (correct me if I miss anything) to do a safe
> > redirection.
>
> Erm wtf?!
>
> The best bet is always going with a header() redirect. The only time
> I've seen that fail is when the developer of the PHP script has made a
> mistake. The browser should always honor this type of redirect, and you
> have none of the issues with Javascript turned off, browser plugins
> blocking redirects, or stupid users etc.
>
> Thanks,
> Ash
> http://www.ashleysheridan.co.uk
>
>
>
>
What you are is truth if it only applies to computer browsers.
There are many "clients" where the Location header don't work.

Curl is a good example, you can determine to follow the Redirect or just
skip it.
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false)

Another example could be mobile phones, especially wml based, do not follow
a redirection and you have to provide a "click here to redirect" link and
relies on the user to follow the redirection.

Do not trust that your client is always a browser. It could be anything that
can open a connection and send a request.

Also you can't know who is at the other side. The client can provide fake
UA, IP, everything... or can't send anything but the need to make a valid
request.

-- 
Martin Scotta

Reply via email to