cubicweb #120100 preventing double-submits/form replay [resolved]
the current hack to work around double submits (typically coming from dble clics on "validate" buttons) entails wrapping validation form buttons with a freezeForm() call or something
but is can be easy to forget this when building one's own forms -- it is not pervasive
and malicious users may probably cheat around it
what about a session-based token enabling form acceptance ?
|closed by||<not specified>|