2

I'm using Laravel 3 and it's not obvious how to set headers in any way other than through Response::make().

I am doing a redirect like this: 

return Redirect::to('admin/check');

I'd like to set an additional no-cache header for the redirect like so:

"Cache-Control: no-store, no-cache, must-revalidate"

I realize I could just do this directly in PHP, but is there any way to set response headers via Laravel?

sepehr
  • 17,110
  • 7
  • 81
  • 119
John Mellor
  • 2,351
  • 8
  • 45
  • 79

2 Answers2

5

When you call Redirect::to() Laravel instantiates a Response object with 302 status and a Location header. That Response object is then returned by the controller and rendered as a proper HTTP response, so, at controller time, you can still change its headers.

To be even more precise class Redirect extends Response. Take a look here You can achieve that by simply using:

return Redirect::to('admin/check')
    ->header('Cache-Control', 'no-store, no-cache, must-revalidate');
vFragosop
  • 5,705
  • 1
  • 29
  • 31
  • Actually, this doesn't work. The header is ignored in the response. – Gustavo Straube May 10 '17 at 11:48
  • @GustavoStraube, I'm afraid this is an old answer. At that time, Laravel was on version 3 and a lot of things changed since then. I'm not working with Laravel anymore and so I can't tell how you are supposed to implement it nowadays. I'll gladly update the answer if you suggest an edit :) – vFragosop May 10 '17 at 16:36
  • Actually, your code is likely to run in recent versions of Laravel – in terms of not cause any error. It doesn't work, though, due to the way HTTP works. Please check @sepehr's answer. You'll see custom headers can't be sent with a redirect. I was trying to achieve that and the server simply ignores the headers you try to set. – Gustavo Straube May 12 '17 at 10:12
2

I'm afraid, the accepted answer is wrong and misleading!

It's impossible to redirect to a page with custom headers set, no matter what language or framework you use. In other words, there's no way to trigger an HTTP redirect and cause the client (browser) to add a custom header.

You might be thinking that this code should work just fine: 

return Redirect::to('admin/check')
    ->header('Cache-Control', 'no-store, no-cache, must-revalidate');

But it won't. You're setting the custom headers for the response which is instructing the browser to redirect, not for the redirect itself.

The only way for a site to instruct a browser to issue an HTTP request with a custom header is to use Javascript and the XMLHttpRequest object. And it needs CORS implemented on the target server to allow such ajax requests.

Please note that a page can not set HTTP request headers unless it's making an async request using XMLHttpRequest. Meaning that you can't do such redirection with the custom header on the client-side as well.

That's not how the web works.

sepehr
  • 17,110
  • 7
  • 81
  • 119
  • It works for me with Laravel 6. I use this code: `return redirect($url, 301)->header('Cache-Control', 'no-cache');` and the browser gets the redirect 301 response with the header `Cache-Control: no-cache, private` So it doesn't cache the response, then the next time the browser asks for the original url, it asks the server again instead of getting it from the browser disk cache. – Maria Vilaró Aug 23 '21 at 08:28