Re: problem validating double submit from the server side

Mon, 21 May 2001 08:55:51 -0700 

I probably wouldn't go with this solution.  For one, you have to keep track
of all the user inputs for the last transactions so you can compare.  This
will get ugly.  Probably do something along the lines of putting a crumb
value in your requests.  if the crumb is not current/has been used already
then ignore the request.

Tinou
www.tinou.com

----- Original Message -----
From: "Lorena Carlo" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, May 21, 2001 11:42 AM
Subject: [JSP-INTEREST] problem validating double submit from the server
side


> Hey all,
>
> I got a problem, validating the double submit, I want to do it not with
> javascript, but with the servlets (server side).  I am doing the
following,
> I store in a session variable the time in seconds when the last
transaction
> occured, every time I make the same transaction again I compare the actual
> time with the time in the session variable that I stored previously.  If
the
> time difference is less than 6 seconds and the information that the user
> input is the same that the previous transaction then I dont process the
> request.  The problem is that the range of time varies upon the response
> time of the sistem, wich depends upon how many people are connected, then
I
> dont see that this range coud be reliable, can somebody give any detailed
> idea of how can I validate this double submit, from the server side?.
>
> For your help, I thank you in advance
>
> bye
>
> Lorena Carlo
>
>
===========================================================================
> To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
> For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
DIGEST".
> Some relevant FAQs on JSP/Servlets can be found at:
>
>  http://java.sun.com/products/jsp/faq.html
>  http://www.esperanto.org.nz/jsp/jspfaq.html
>  http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
>  http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
>

===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:

 http://java.sun.com/products/jsp/faq.html
 http://www.esperanto.org.nz/jsp/jspfaq.html
 http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
 http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets

Reply via email to