On 17/05/2010 21:07, Christopher Schultz wrote: > Karthik, > > On 5/13/2010 3:45 AM, Karthik Nanjangude wrote: >> Question : My web application uses "href" & "css based image's" >> for transferring the request from 1 page to another The problem is >> UserVisitor is clicking the image based href MULTIPLE TIMES ( >> multiple clicks ) > > Ok. > >> <a href="image.jsp?mult=1" id='submitButton1' >> onClick="this.onclick=function(){return false}" target="_self" >> class="buttonRedSmall"><span>Submit Form</span></a></td> > > That's a nasty construct: when the user clicks the link, you change the > onClick handler? How about this: > > <a href="image.jsp?mult=1" id='submitButton1' > onclick="return false;" > class="buttonRedSmall"><span>Submit Form</span></a>
The goal of the original code is to change the onclick handler such that on the *second* click, the handler returns false and so stops the action, theoretically preventing the multiple click stream problem. p > BTW, the default target is "_self", so there's no need to specify that. > > Unless there is more Javascript that you haven't posted, the above does > not submit a form. > >> And causes the multiple form submits. How to prevent the same ? > > Do you mean that it loads the URL twice? > >> I googled / yahooed for Cross browser based tricks to disable the >> multiple request...Not luck so far ... > >> Can some body help me if Tomcat has any special features to prevent >> this attack ....... :( > > Please post some HTML code which shows a form submission and maybe we > can help. Note that this isn't exactly an "attack". --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
signature.asc
Description: OpenPGP digital signature