cubicweb #120100 preventing double-submits/form replay [resolved]

the current hack to work around double submits (typically coming from dble clics on "validate" buttons) entails wrapping validation form buttons with a freezeForm() call or something

but is can be easy to forget this when building one's own forms -- it is not pervasive

and malicious users may probably cheat around it

what about a session-based token enabling form acceptance ?

done in3.1.1
load left0.000
closed by<not specified>