[LRUG] Double submit
Philip stevens
phil at retechnica.com
Fri Apr 24 02:51:50 PDT 2015
I agree with Riccardo and I would follow up on this by having the DB, or any persistent layer, store these uniquely. So if one request came close enough to another and the read returned nothing it would still fail on the write.
I presume when you are talking about special few outpacing the browser you mean they have JavaScript disabled? Otherwise in Rails you can do the following:
<code>
submit_tag 'Submit', data: { disable_with: 'Text’ }
</code>
Regards,
Phil
> On 24 Apr 2015, at 09:51, Riccardo Tacconi <rtacconi at gmail.com> wrote:
>
> Hi,
>
> You could put a hash in a hidden field, when Rails receives the first submission you save it in the session with a timestamp. Every time you receive new submission you check if the has has been already used in the last few seconds, if it was already used you trigger a validation error. You will have to clean stale submission from the session. Otherwise you could put the has in the DB.
>
> On 24 April 2015 at 09:43, Andrew Stewart <boss at airbladesoftware.com> wrote:
> Hello LRUG!
>
> Some people using my Rails app are speedy double-clickers of form submit buttons. While I admire their alacrity I would like Rails to ignore the duplicate submissions.
>
> Disabling the submit button client-side heads off the quick-but-not-lightning double-clickers. However a special few still outpace the browser so I am after a server-side solution.
>
> I imagine each form submission would have a unique token and the server would ignore or raise an error for submissions with duplicate tokens within a rolling window of, say, a few seconds. Perhaps this would be handled in a Rack middleware.
>
> Does such a thing already exist? I know this is an old problem but I can't seem to find any decent solutions.
>
> Thanks in advance!
>
> Yours,
>
> Andy Stewart
> _______________________________________________
> Chat mailing list
> Chat at lists.lrug.org
> Archives: http://lists.lrug.org/pipermail/chat-lrug.org
> Manage your subscription: http://lists.lrug.org/options.cgi/chat-lrug.org
> List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
>
>
>
> --
> Riccardo Tacconi
>
> http://github.com/rtacconi
> http://twitter.com/rtacconi
> _______________________________________________
> Chat mailing list
> Chat at lists.lrug.org
> Archives: http://lists.lrug.org/pipermail/chat-lrug.org
> Manage your subscription: http://lists.lrug.org/options.cgi/chat-lrug.org
> List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
More information about the Chat
mailing list