Thinking about this can it work?
You cannot guarantee the second submit is performed after the first action has had a chance to remove
the session token can you?
On Wednesday, January 15, 2003, at 09:48 PM, Jason Carreira wrote:
Just thought this out some more. Here's how it could work:
the hidden token is set in the session when the form is shown, then
added to the form as a hidden field. When the action processes the form,
you look for the token and make sure it's the same as the last one you
put in the session before you process.
Jason
-----Original Message----- From: Jason Carreira Sent: Wednesday, January 15, 2003 4:04 PM To: [EMAIL PROTECTED] Subject: [OS-webwork] Hidden tokenHi all, In our evaluation of Struts vs. Webwork, I was asked about the ability to do hidden tokens on WW built forms and URLs. Struts apparently, in their form and link tags, have the possibility of (optionally) adding a hidden token (either as a hidden form field, or through URL rewriting), which can keep the user from clicking twice and executing your action twice. I don't remember seeing anything like this in WW, although my take is that this would be easy enough to add to the URLTag. Also, is there a ui:form tag? I'm not sure what all got added. I remember Rickard was talking about something to prevent 2 submits, but I'm not sure what it was... Thoughts? Would this be something good to add (given that it would be optional and not break anybodies existing code)? Jason -- Jason Carreira Technical Architect, Notiva Corp. phone: 585.240.2793 fax: 585.272.8118 email: [EMAIL PROTECTED] --- Notiva - optimizing trade relationships (tm) ------------------------------------------------------- This SF.NET email is sponsored by: A Thawte Code Signing Certificate is essential in establishing user confidence by providing assurance of authenticity and code integrity. Download our Free Code Signing guide: http://ads.sourceforge.net/cgi-> bin/redirect.pl?thaw0028en _______________________________________________ Opensymphony-webwork mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork------------------------------------------------------- This SF.NET email is sponsored by: A Thawte Code Signing Certificate is essential in establishing user confidence by providing assurance of authenticity and code integrity. Download our Free Code Signing guide: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0028en _______________________________________________ Opensymphony-webwork mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork
-------------------------------------------------------
This SF.NET email is sponsored by: Thawte.com
Understand how to protect your customers personal information by implementing
SSL on your Apache Web Server. Click here to get our FREE Thawte Apache Guide: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0029en
_______________________________________________
Opensymphony-webwork mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork
