On 17/05/2010 21:07, Christopher Schultz wrote:
> Karthik,
>
> On 5/13/2010 3:45 AM, Karthik Nanjangude wrote:
>> Question : My web application uses "href" & "css based image's"
>> for transferring the request from 1 page to another The problem is
>> UserVisitor is clicking the image based href MULTIPLE TIMES (
>> multiple clicks )
>
> Ok.
>
>> <a href="image.jsp?mult=1" id='submitButton1'
>> onClick="this.onclick=function(){return false}" target="_self"
>> class="buttonRedSmall"><span>Submit Form</span></a></td>
>
> That's a nasty construct: when the user clicks the link, you change the
> onClick handler? How about this:
>
> <a href="image.jsp?mult=1" id='submitButton1'
> onclick="return false;"
> class="buttonRedSmall"><span>Submit Form</span></a>The goal of the original code is to change the onclick handler such that on the *second* click, the handler returns false and so stops the action, theoretically preventing the multiple click stream problem. p > BTW, the default target is "_self", so there's no need to specify that. > > Unless there is more Javascript that you haven't posted, the above does > not submit a form. > >> And causes the multiple form submits. How to prevent the same ? > > Do you mean that it loads the URL twice? > >> I googled / yahooed for Cross browser based tricks to disable the >> multiple request...Not luck so far ... > >> Can some body help me if Tomcat has any special features to prevent >> this attack ....... :( > > Please post some HTML code which shows a form submission and maybe we > can help. Note that this isn't exactly an "attack". --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
signature.asc
Description: OpenPGP digital signature
