Previous
Chapter 19
Preventing Double Submits
Double form submits normally happen by accident or by the user’s not knowing what to do when it is taking a long time to process a form. Some double submits have fatal consequences, some simply unpleasant. For instance, when submitting an online payment in which a credit card will be charged, the user may click the submit button for the second time if the server’s response time is too slow. This may result in his/her credit card being charged twice. Other less critical examples include forms that add a new product and doubly submitting these forms will cause a product to be added twice.
Struts has built-in support for preventing double submits. It employs a technique that you can also find in other Web application development technologies. This technique involves storing a unique token in the server and inserting a copy of the token into a form. When the form is submitted, this token is also sent to the server. The server application will compare the token with its own copy for the current user. If they match, form submission is considered valid and the token is reset. Subsequent (accidental) submits of the same form will fail because the token on the server have been reset.
This chapter explains how to use Struts’ built-in feature for preventing double submits.