[Catalyst] The old double-post issue

Wade.Stuart at fallon.com Wade.Stuart at fallon.com
Fri Sep 22 21:13:35 CEST 2006

catalyst-bounces at lists.rawmode.org wrote on 09/22/2006 01:19:52 PM:

> On Fri, Sep 22, 2006 at 10:45:51AM -0500, Wade.Stuart at fallon.com wrote:
> > > The token is stored in the session.  So all that happens is upon
> > > submission a check is made that the token exists in the form and it
> > > matches the current one stored in the session.  If so, it is deleted.
> > > When a new form is created a new token is created.  Someone can't
> > > really have two windows open at the same time.
> >
> > This seems like a bug to me,  the token list should be just that.   not
> > one off placeholder.  You should be able to have N tabs open on
> > forms on the same app/session without each form clobbering the previous
> > ones token.  Tokens are cheap and specific enough that they should be
> > until used.
> What about multiple forms on the same page?  Should there be one
> token per form or one token per request?

I think one per form would be the expected behavior,  but if it is general
enough and supports a queue of tokens you are free to use one token for
each form or one for each page of forms.. In its current state you have no
choice -- only one token is "valid" at any point in time.

> > > Geeze, if people double click on submit buttons and can get past the
> > > javascript then they get what they deserve. ;)
> >
> > That viewpoint is hard to sell to me.  If people double click and I am
> > smart enough to catch it I get what they deserve. =)
> Well, actually, they don't get what they deserve -- which is the
> output from the first request. ;)
> --
> Bill Moseley
> moseley at hank.org
> _______________________________________________
> List: Catalyst at lists.rawmode.org
> Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
> Searchable archive:
> Dev site: http://dev.catalyst.perl.org/

More information about the Catalyst mailing list