Regarding hukka's comment about redirects, if the HTTP 1.1 spec says that the client should be prompted, what are we poor web application developers going to do?
I've worked with some developers who don't use redirects. They perform the form processing and response in one request/response cycle, with the rational being that the application runs faster (fewer requests/responses), but I've always kept with the redirects because it makes the application flow better from the user's perspective. The user never gets prompted to re-submit POST data when she hits the 'back' button. I haven't noticed much of a difference in speed.
However, there's still that darned HTTP spec. I read the spec for 302 and 307 codes, then I read the 303 spec, here. I believe the 303 code is there answer to that problem. Here's an example redirection that uses the 303 code:
header("HTTP/1.1 303 See Other");
Click here to continue.
If you have curl installed, run this command:
curl -i -X POST http://www.moxleydata.com/test_redirect.php
It outputs this:
HTTP/1.1 303 See Other
Date: Tue, 27 Apr 2004 17:25:48 GMT
Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) FrontPage/126.96.36.19923 mod_python/2.7.8 Python/1.5.2 mod_ssl/2.8.12 OpenSSL/0.9.6b PHP/4.1.2 mod_perl/1.26 mod_webapp/1.2.0-dev
As the spec says, not all browsers understand the 303, so you might want to include browser detection so that your applications sends alternate headers for those older browsers.
Moxley Data Systems