What is best practice for passing parameters with RedirectToAction?

Coreysan 1,021 Reputation points
2022-11-10T20:52:00.007+00:00

I have a view with a form and HttpPost. When the model gets
passed to the action, I want to test a string, and then redirect to a different action.

So my solution was to do this: 

[HttpPost]  
public IActionResult Privacy(UserStatusViewModel model)  
{  
    if (model.UserFound != null)  
    {  
        return RedirectToAction(nameof(Index), new { userstatus = model.UserFound });  
    }  
  
    return View(model);  
}  

public IActionResult Index(string userstatus = null)  
{  
    return View(model:userstatus);  
}

This works, but I'm really uncomfortable with it. What would be the cleanest way to
perform the following steps:
a. Post to the Privacy action method
b. Do some tests
c. Based on the results, redirect to action method "Index" with a string?

I realize I could use ViewData, but I'm not cool on that either. I don't know what's bothering me!

ASP.NET Core
ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
3,129 questions
0 comments
Accepted answer
  1. Xinran Shen - MSFT 1,591 Reputation points Microsoft Vendor
    2022-11-11T02:19:48.32+00:00

    Hi, @Coreysan

    From your code, I think you just want to pass a string value to another view. And from your description of the question, You seems to think that use: 

    return RedirectToAction(nameof(Index), new { userstatus = model.UserFound });

    to redirect to HttpGet method of Index is a little bit not clean.

    In my opinion, You can try this code: 

    [HttpPost]  
 public IActionResult Privacy(UserStatusViewModel model)  
 {  
     if (model.UserFound != null)  
     {  
         return View("Index", model.UserFound );  
     }  
      
     return View(model);  
 }

    This code will just return a string (model.UserFound) to Index view directly instead of redirecting to another action. I think it is cleaner than using return RedirectToAction(xx).

    ---------------------------------------------------------------------------------------------------------------------------------------------------------

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Best regards,
    Xinran Shen

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Bruce (SqlWork.com) 35,641 Reputation points
    2022-11-10T21:01:35.57+00:00

    a redirect can only pass data on the query string (you can not send post data with a redirect). a best practice is to encrypt keys and sensitive data. another best practice is to store the data on the server in a persistent store, and only pass a key (guid) to the data.

    0 comments