I have a login form with username and password parameters. During development while refreshing the browser, on a few occasions I have seen my form parameters get put in the URL. This catches my attention since it's a username and password.
For example: http://localhost:8080/ui/?username=xxxxx&password=xxxxx#/login?redirectedFrom=%2Fsomewhere
However, I don't recall exactly what I did prior to this, and I am unable to reproduce it. I've seen it 3 times over a period of weeks.
Any ideas what might be causing the form parameters to be put in the URL?
I'm not sure if any of this is relevant, but I'm using angular with ui-router. The parameters are also parameters to POST, but I don't recall whether I submitted them. I think (although not sure) each time this has happened it was shortly after my login times out and I am redirected to the login page, which adds a ?redirectedFrom parameter. I'm using Chrome and it remembers and fills in the username/password inputs. Chrome developer tools is open. It might be after restarting the server. A browser refresh was done.
I believe you submitted the form again.
In login form always use POST action in your form tag, like this:
<form action="POST">
Don't press F5 to refresh your page after you submit the form. Click in your URL and enter again in your form page.
Related
We are sending HTML emails from Microsoft365 to our clients and these emails contain a hyperlink to an item in a Sharepoint list in one of our Sharepoint sites.
I have only tested this in GMail, not sure whether the issue is only isolated here or on other email clients as well. When clicking the link in GMail, the below "Suspicious Link" popup message appears. Clicking 'Proceed' works, and brings the client to wherever he needs to be.
But we would like to avoid this popup message altogether.
The URL is in this format:
https://xyz.sharepoint.com/sites/sitename/Lists/listname/EditForm.aspx?ID=123
I have tried 2 variants, and both are having the same issue:
{theURLagain}
and
Link to our Sharepoint
Anyone has an idea how we need to write the HTML to prevent this? Or is it not related to how the HTML is written?
Thanks!
The following thread is discussing the same question, I hope this may help
https://support.google.com/mail/thread/4242603?hl=en&msgid=8208054
Answer extracted from the thread:
This solved the problem for me:
Go to postmaster.google.com.
On the bottom-right, click the + button.
In the box that pops up, enter your authentication domain.
Next, prove that you own the domain by adding a DNS TXT or a DNS CNAME record.
After I completed that, I stopped getting that 'untrusted' message within a few minutes.
I found innumerable answers and explanations on refreshing after submit - how to do it, how to prevent it, etc. But I'm just wondering why all submit functions automatically reload the page? I would have thought the default is to not refresh, and there's an option for it, something like
<button type="submit" refresh="false">Submit</button>
Is this like an unspoken programming rule, or is there a reason to do with GET and POST requests or something of that kind?
Submitting a form is like clicking a link.
You send something to the server (when you click a link that's just a URL, with a form it is more complex data).
The server makes a response
The browser shows you the response
It would only "reload the page" if the server side code you wrote sent the same page back.
It's the normal behaviour because when you send data to the server, you usually want to know if it worked.
(The server could response with 204 No Content to avoid the browser loading a new page, but that would confuse most users because they would have clicked a button and nothing would appear to happen).
Can I use my HTML form to perform multiple actions?
Post the information to another destination.
Navigate a user to another page once they submit the form.
At the moment I can post the filled form to the destination but cant navigate the user to another page using HTML specifically. Is there any method in HTML to do this?
Any suggestions?
Things are easy if you control the server and/or are on the same domain, then you can do a server side redirect. But since you are using salesforce surely you don't control that. Nevertheless, double check their documentation for a redirect option you can put in the form.
If that fails, one thing I'd try is to submit it to an iframe: add <iframe name="foo" id="foo"></iframe> somewhere to your html (you can hide it too if you want) and add target="foo" to your form. Then, also add an onsubmit javascript handler to the form that redirects after a delay to allow the form to be processed. The timing of the delay is likely to be a source of bugs btw, checking for errors in the submitted form can't be easily done across domains, you'd be guessing. Maybe an onload handler on the iframe can do the redirect though, I'm not sure, but worth a try.
This isn't guaranteed to work either, some sites don't like being in iframes. If that fails, you might try setting target="_BLANK" to submit the form to a popup window then redirect your main window using javascript or something. This will require you to give an instruction to the user to close the window.
Lastly, if you can submit the data via a server side API call to salesforce, that would be good too because then the plain redirect option is back under your control.
You can use redirect after you perform whatever you are going to do on the first page (the one from form action)
I have a foswiki site with user registration. It uses the standard registration form wherein users click a "register" button after filling the form. It redirects to: http://localhost/foswiki/bin/register/Main/WebHome and sits (no page loads and no error is shown). The source code shows this is correct, that is the button should post to this URL. I'm not sure why it isn't redirecting to the homepage. The user entry is created correctly and I can manually change the URL to: http://localhost/foswiki/bin/view/Main/WebHome and have it work.
I cannot find why it redirects to /bin/register... rather than /bin/view.... I thought it should be in the http config file, but I couldn't find it.
I compared the results in the console with those from registering on the foswiki website, but cannot see a difference.
I was able to get an answer on the IRC. It is an issue with the quickmenu skin. I stopped using the skin and the issue was corrected.
How can i disable browser from going back to a particular page? My scenario is
Login page -> change password page ->user returns to login page again-> (on browser back should not go back to change password page) but currently it goes to the change password page. I am currently working on a grails application. How can i solve this issue?
You can't stop users from going back if they want to, because a browser can do whatever it feels like.
But if you only want to prevent users from going back accidentally, then just make the "change password" page only appear in response to an HTTP POST (not just a URL link, which is an HTTP GET request). Most browsers will give a warning about re-submitting the form if the previous page was the result of a POST request.
Use javascript's location.replace() function:
http://www.roseindia.net/javascript/javascript-location-replace.shtml