While both redirect and forward seem to show the same effect, they are in essence two extremely different things:
Forwarding is done when a client submits a request for a page (url) and the server side code assesses that the page should not be accessed directly by the client in such fashion. Imagine an account dashboard page that shows up after a login. Such a page, let's say, "www.domain-name.my-account.html" should only be displayed after a successful login in the login page, say, "www.domain-name.login.html". If the client attempts to bypass login and access the dashboard directly, the natural thing to do for the server would be to forward the user to the login page where he would be prompted to login and thereby access his dashboard. Note that forwarding takes place entirely on the server side and it does not involve the browser at all. In fact, the browser would not even be aware of the actual page forwarding.
Client - > Server : Access page B
Server -> Client : Shows page A as the requested page, B
Redirect is done when a client requests a page and the server sees that the requested page is no longer accessible may be on account of page expiration or on account of change of url or even absolute removal of the requested page. In such cases, the server responds with a page that mocks the requested page but that includes a header that may be decoded by the client to access a different page altogether. The client browser then needs to make another request to access the specified page. Note that client side browsers are aware of redirects unlike forwards.
Client - > Server : Access page B
Server - > Client : Page B | Header: Page C
Client -> Server : Access page C
Server -> Client : Page C
This distinction also has another interesting ramification. If the client browser has disabled cookies, then cookies may not be sent to the client. Thus session information cannot be transmitted between successive client requests in the regular way. This browser behavior does not however affect server-side forwards .This may be worked around by URL encoding which essentially involves embedding the session id in the URL to maintain session state.
No comments:
Post a Comment