Opened 3 months ago

Closed 3 months ago

Last modified 3 months ago

#36413 closed New feature (wontfix)

Add delayed_redirect() shortcut for HTML-based client-side redirection

Reported by: Mobin Ghaemi Owned by:
Component: HTTP handling Version: dev
Severity: Normal Keywords: shortcuts redirect delay
Cc: Triage Stage: Unreviewed
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

This new utility provides a shortcut to perform client-side redirects via a delay.

Accepts a request, target URL, and an optional delay (in seconds).
Useful for displaying confirmation messages before redirecting.

See PR: https://github.com/django/django/pull/19498

Change History (3)

comment:1 by Natalia Bidart, 3 months ago

Component: Core (Other)HTTP handling
Resolution: wontfix
Status: newclosed
Version: 5.1dev

Hello! Thank you for your report and interest in making Django better.

As you shown in your PR, this is simple to add to your code base, and it seems a very specific need arising from a niche use case. I don't think this applies to the broader ecosystem, and Django is a framework designed to offer robust and accurate solutions for common scenarios.

Given the above, I'll close the ticket accordingly, but if you disagree, you can consider requesting the new feature idea to be discussed and re-evaluated following the the documented guidelines for requesting features.

comment:2 by Mobin Ghaemi, 3 months ago

Hello,

I opened a topic on the forum and received two pieces of feedback, but they were not satisfactory.

Since I work at a banking company (Dotin), I understand the importance of this matter — especially in payment flows where sensitive information is provided and then possibly returned or reused later.

We’ve been using this module unofficially for quite some time in our internal systems. Recently, we decided to make it official so we no longer need to modify the official Django version manually.

Why is this module useful?

After a payment process, users may see certain information on the following pages.

However, due to the complexity of the purchase process in our country, we often use shared systems, or users pay someone else to complete the process on their behalf.

Now imagine someone uses a shared system and views sensitive information.

That confidential data remains visible until the user manually navigates away from the page — either by clicking a button or through a return redirect.

Currently, none of these things are enforced automatically. Why?

Because the transition is handled entirely on the frontend. That means the server doesn’t actually process or control the transition — it’s left to the frontend, which poses security concerns.

Instead of this fragile, two-sided handling with low security, we believe Django can handle it properly and securely using a simple module.

Thread number : https://forum.djangoproject.com/t/proposal-add-delayed-redirect-shortcut-to-simplify-client-side-redirection/41079

comment:3 by Natalia Bidart, 3 months ago

Feedback in the forum shows a consensus against having this helper added to Django core, so the ticket will remain as wontfix. Thanks!

Note: See TracTickets for help on using tickets.
Back to Top