Action address in HTML forms

Andy Wardley abw at
Thu Mar 5 09:24:18 GMT 2009

Zbigniew Lukasiak wrote:
> Is it then a reasonable rule when writing a 'high level web
> library/framework' to restrict the forms to always submit to their own
> address?

It's a reasonable default, but not so good as a restriction.  I can think
of several occasions where my forms don't submit straight back to the
place that generated them.

For example, I'm working currently on a project where we have an external CMS
for customers to use and an internal CMS (with extra wizzy features) for the
support staff to use.

Image upload from the internal CMS is messy as it requires syncing the
files out to the external machine.  So instead we have the internal CMS
generate a form which submits the image upload to the external CMS along
with a hidden parameter which says "redirect the user back to *here* when
the image upload is done".

   -> generates form, user submits ->

   -> accepts upload (or prints errors), redirects ->

Another scenario is where you have one page with lots of forms on it.
Each one changes a different aspect of some data and is handled by separate

    | update blah -> url1 |

    | update yada -> url2 |

    | update bobo -> url3 |

In this case the page generating the forms is not the same page that
receives the form data.  Otherwise your one handler ends up with lots
of separate code branches to process each form.


More information about the mailing list