I would like to have a user redirected to an external credit card gate. Of course I have to POST some user info to that gate, but I don’t know how exactly can I do this.
I know that I could do this by generating a html form with hidden or read-only fields and have a user click “Submit” button. But this solution is not perfect, because all the form data could be easily changed using e.g. Firebug. I think you cannot do this using $this->_redirect(…). But maybe there is some other solution?
Many thanks for any tips or suggestions.
Using a form is the only method available. The RFC states that the user should explicitly agree to sending a POST (i.e. click on a submit button).
It is no more secure that using a redirect as the header data can be modified without too much of a problem. There are even Firefox plugins to do it.