would this work if the user keeps hitting the f5 key (ie refresh)
-steve
Wade Chandler wrote:
Shapira, Yoav wrote:
Hi,
You can use JavaScript to disable form elements, thereby graying them
out and preventing the user from clicking again.
Yoav Shapira
Millennium Research Informatics
-Original
I've just come off implementing something very much like what Wade has
recommended, and it works a treat.
Note the use of a finally block to release the session lock, which is cool.
Basically, the first request sets a flag stored in the session object so
that no other (subsequent) request will
List
Subject: Re: Denial Service Attack Prevention apache-tomcat modjk2
I've just come off implementing something very much like what Wade has
recommended, and it works a treat.
Note the use of a finally block to release the session lock, which is
cool.
Basically, the first request sets a flag
To: Tomcat Users List
Subject: Re: Denial Service Attack Prevention apache-tomcat modjk2
I've just come off implementing something very much like what Wade has
recommended, and it works a treat.
Note the use of a finally block to release the session lock, which is
cool.
Basically, the first request
I assumed the forcing of cookies and sessions.
Me too. Most web applications that need to be concerned about repeat
requests are likely to be dependant on session objects one way or another.
And with that, a good weekend to all ;)
An excellent idea!
Kind regards
Harry
Hi,
You can use JavaScript to disable form elements, thereby graying them
out and preventing the user from clicking again.
Yoav Shapira
Millennium Research Informatics
-Original Message-
From: Steve [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 10, 2004 10:52 AM
To: Tomcat Users List
And server side you can use a token match from a form hidden element and
session attribute.
-Original Message-
From: Shapira, Yoav [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 10, 2004 7:56 AM
To: Tomcat Users List
Subject: RE: Denial Service Attack Prevention apache-tomcat modjk2
Shapira, Yoav wrote:
Hi,
You can use JavaScript to disable form elements, thereby graying them
out and preventing the user from clicking again.
Yoav Shapira
Millennium Research Informatics
-Original Message-
From: Steve [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 10, 2004 10:52 AM
To:
Howdy,
And you can disable the submit button up fron if the user has JavaScript
disabled,
displaying a message to indicate that your site requires JavaScript.
Then there is
also the SynchronizerToken which your app could use to recognize and ignore
duplicate requests.
Robert
UC Berkeley
thanks for all the code ideas, will forward them to our developers
on the flip side can apache or tomcat do anything for any sort of denial
attack prevention on a larger scale?
-s
Robert F. Hall wrote:
Howdy,
And you can disable the submit button up fron if the user has
JavaScript disabled,
10 matches
Mail list logo
