Post Data is not recieved on destination URL

Question

I had a scenario in which a data on form in http://www.omsite.com to be posted on other website say http://www.hissite.com/myfolder

Now whenever the data was being posted, rather then getting posted or getting Status Code 200 I was getting 301 Status code for permanent redirect and hence data was not getting posted.

Checking the destination URL I changed it from http://www.hissite.com/myfolder to http://www.hissite.com/myfolder/, yes, I added only a slash after /myfolder and there I got the successful response.

i need some help in understanding how just adding a forward slash at the end of destination URL made my data to get posted successfully?

Note: Destination webpage was the subdomain of source webpage

Answer 1

@anubhava has submitted his whilst I was typing and his explanation is correct. I can add more detail:

It depends on your server settings. One in particular being DirectorySlash. I had a learning curve with this about 2 years ago trying to POST to an API Endpoint I'd created.

If you don't put a slash on the end of your folder name the server can assume the folder you are referring to is actually a file (it doesn't matter if it physically exists or not). This is why it doesn't attempt to access any "index" file inside it and why the request doesn't appear to work. The DirectorySlash setting tells Apache to add a slash to the end of the URL if it's not a file (no extension) and by doing that it will then try to find an "index" file inside.

An additional setting called DirectoryIndex can be used to specify the types of "index" files you want to search for.

In instances where an incorrect redirect is issued for the appending of the slash, the _POST data can be lost - most commonly when a mod_rewrite is used in .htaccess and you haven't told it to redirect properly.

In short, if your server isn't told to automatically add the slash to the end of the URL, it is most commonly treated as a file with no extension.

Here's a link to the Apache settings and additional information: https://httpd.apache.org/docs/2.4/mod/mod_dir.html

Answer 2

i need some help in understanding how just adding a forward slash at the end of destination URL made my data to get posted successfully?

That is happening because myfolder on the destination site is a real directory. There is module called mod_dir in Apache responsible for this behavior due to security reasons.

1. Whenever a request comes for a real directory without a trailing slash then mod_dir redirects to same URI plus a trailing slash using 301 status code.
2. Once 301 redirect happens POST data gets lost.
3. When you used http://www.hissite.com/myfolder/ to POST data then mod_dir didn't come into picture since your URI already has a trailing slash hence no redirect and no loss of POST data.

This behavior can be changed using:

DirectorySlash Off

But it is considered a potential security risk as it might reveal directory content.

Answer 3

As search engines can be rather difficult when it comes to duplicate content issues with the content on different url versions of the same page being seen to be duplicate, many webmasters make any directory page have a trailing slash.

Now any non trailing slash directory redirects to the slash version, and probably you'll find that the index.html, index.php etc also redirect to the trailing slash version.

This however means that there is a policy on the server (such as with a .htaccess rule) that forces the 301 redirect and stopped your POST from working.

There are answers here showing how the recipient could manage that.