After reading a Wikipedia article about URL redirection I’m wondering if window.location.href="page.php" is the best option for a web page redirect. The wikipedia article suggests that
However, HTTP headers or the refresh meta tag may be preferred for security reasons and because JavaScript will not be executed by some browsers and many web crawlers.
Is there anything I have to worry about? What could be some alternatives using javascipt if there is a problem? The window.location.href is activated when the user logs in.
You should aim at making your login page work without requiring JavaScript to make it more accessible from any device; you can make the user experience nicer with JavaScript by doing client-side checks, but those have to be made on the server anyway. It’s quite common to do graceful degradation this way, allowing the lowest common denominator.
Having said that, if you’re already using JavaScript to perform your login, it’s obviously enabled and therefore redirection shouldn’t be a problem at all. Without specific references I wouldn’t be able to tell what security concerns that article is talking about.