Allow CSR when server endpoints respond with a redirect

[hopperelec]

Describe the problem

I have server endpoints which always redirect to a page. To be clear, these endpoints redirect to different pages each time, so they can't just be skipped. It doesn't make sense to consider these endpoints as pages because they never display anything, but it does make sense to redirect to them. Currently, if I redirect to a server endpoint, it works fine, but it is done through page requests rather than CSR and the console shows Error: Not found: /server-endpoint.

Describe the proposed solution

SvelteKit should intercept, from the client, redirects made by server endpoints to allow for CSR

Alternatives considered

To avoid getting the error message, I could make the server endpoint respond with the new URL as part of the response body instead of the location header, then write my own redirection logic. However, there are a few problems with this:

• These endpoints won't exclusively be used via my app; I could send links to them elsewhere and I expect people who click the links to be redirected appropriately
• This wouldn't allow for CSR to work
• This involves writing my own logic, which would ideally be handled by SvelteKit

Importance

nice to have

Additional Information

No response

[Conduitry]

It is by design that the client-side not know about all of the server routes, because that's additional data to send to the client which it (generally) doesn't need in most apps. You can use https://kit.svelte.dev/docs/link-options#data-sveltekit-reload to force a given link to result in a regular page navigation (resulting the server redirecting as desired). Does this do what you want?

[hopperelec]

It is by design that the client-side not know about all of the server routes, because that's additional data to send to the client which it (generally) doesn't need in most apps.

That is fine, my proposed solution would not require the client to know about server endpoints. My proposed solution would even work for URLs outside of the app, assuming the external site responds with a redirect to a URL which is inside of the app (hence, a CSR could occur). SvelteKit should just intercept any of these redirects.

For example, if I have a SvelteKit app https://myapp.example.com/ and it has an anchor to an external site

<a href="https://external.example.com/">...</a>

Then, instead of immediately redirecting when the anchor is clicked, SvelteKit could intercept it. Then, if the external site responds with a redirect to https://myapp.example.com/some-other-page, then CSR could be used.

I imagine there could be some security or performance issues with intercepting external redirects, though, so it would be fine to just handle internal redirects.

If there would still be security or performance implications with this, then perhaps there should be an option for saying that a specific server endpoint should be known by the client. For example, +server.ts could have an export

export const alwaysRedirects = true;

You can use https://kit.svelte.dev/docs/link-options#data-sveltekit-reload to force a given link to result in a regular page navigation (resulting the server redirecting as desired)

This is already the current behaviour- it seems SvelteKit must fallback to this if it doesn't recognise a link as corresponding to a page. I want the opposite to happen- that is, I want the redirect to happen on the client