Redirects and Cookies and Sessions


HTTP redirects are a popular way to send people to a different page from an incoming request. Redirects are commonly used for login validations for example. However, you must realize that HTTP Redirects do not allow cutom HTTP header information to be validated by the browser. This means if you create a Cookie or create a new Web Connection session as part of your request, that Cookie or Session is never initialized on the redirected page. You'll likely see this in your applications by multiple session entries being created for the same user or by cookies coming up blank on the next request.

To circumvent this problem you cannot use HTTP redirection, but must resort to using an intermediate page and then go from that page to the actual page you want to send the user to. Fortunately, this is relatively easy to do using the HTML <meta> Refresh tag.

The steps are as follows:


To create the intermediate page use the following:

      *** This is the URL where you want to redirect to
      lcUrl = Request.GetCurrentUrl()
    
      Response.Rewind()  && Kill any existing output

      Response.ContentTypeHeader()
      Response.Send("<HTML><HEAD>")
      Response.MetaRefresh(lcUrl,1)
      Response.Write("</HEAD><BODY>")
      Response.Write([<span style="Font:normal normal 10pt 'Verdana'">Welcome ] + lcUserName + "<p>"+;
                     [Login complete. Hang on a sec...</span>])

Web Connection 3.0 introduces built in support for Meta Refresh pages via the StandardPage and ErrorMsg pages. Since MetaRefresh is typically used for quick informational bits this makes sense since those methods are meant to provide 'dialog' type output to the user. To use inside of a wwProcess class method:

THIS.StandardPage('Moving on','Thank you for signing in. Moving you to our homepage...',,;
		'home.wwa',1)

The last two parameters indicate the URL to go to and the delay that gets added to a Meta Refresh tag.

Last Updated: 05/04/00