On Fri, Aug 28, 2009 at 10:39 AM, Ashley Sheridan <ash@xxxxxxxxxxxxxxxxxxxx>wrote: > On Fri, 2009-08-28 at 10:34 -0300, Martin Scotta wrote: > > Actually there aren't a safe way to make a redirect.... > > > > We have 4 alternatives (correct me if I miss anything) to do a safe > > redirection. > > Erm wtf?! > > The best bet is always going with a header() redirect. The only time > I've seen that fail is when the developer of the PHP script has made a > mistake. The browser should always honor this type of redirect, and you > have none of the issues with Javascript turned off, browser plugins > blocking redirects, or stupid users etc. > > Thanks, > Ash > http://www.ashleysheridan.co.uk > > > > What you are is truth if it only applies to computer browsers. There are many "clients" where the Location header don't work. Curl is a good example, you can determine to follow the Redirect or just skip it. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false) Another example could be mobile phones, especially wml based, do not follow a redirection and you have to provide a "click here to redirect" link and relies on the user to follow the redirection. Do not trust that your client is always a browser. It could be anything that can open a connection and send a request. Also you can't know who is at the other side. The client can provide fake UA, IP, everything... or can't send anything but the need to make a valid request. -- Martin Scotta
