如果先前的提交仍在进行中,如何拒绝 HTML 表单提交?
所以我有这个表单,它使用 AJAX 执行相当长的数据发布,现在我有点偏执,一些聪明的家伙可能会打开 firebug 并重新触发发布过程,而以前的过程仍在进行中。我该如何避免这种情况?
谢谢!
So I have this form which executes a pretty long data posting using AJAX, now I am a bit paranoid that some smart bloke might open firebug and re-trigger posting process, while previous is still in action. How do I avoid this?
Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
![扫码二维码加入Web技术交流群](/public/img/jiaqun_03.jpg)
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您可以:
action
属性。话虽如此,为了防止重新提交,您在前端能做的就只有这么多了——总有办法解决。如果您非常关心这一点,那么服务器端验证也是必要的(并且通常推荐)。
You can:
action
attribute from form tag.With that said, there's only so much you can do on the front-end to prevent resubmissions - there's always a way around. If you are so concerned about this, then server-side validation is also necessary (and usually recommended anyway).
提交表单时设置一个条件,并添加对表单提交的检查。 jQuery 中的示例:
这优于禁用部分表单,因为可以从表单中的任何输入进行提交。
Set a condition when submitting the form, and add a check on form submission. Example in jQuery:
This is preferred to disabling parts of the form, since submission can occur from any input in the form.
首先,考虑到您担心由于规避客户端控件(即使用 Firebug 或 Fiddler 重新发出请求)而导致多次提交,您可以忘记在客户端应用控件的任何选项(即禁用按钮、JS检查提交状态等)。这是您必须在服务器上处理的问题。
查看 同步器令牌模式。这通常用于帮助防止 CSRF(如链接中的上下文),但它也用于避免多次表单提交。如果您可以在 AJAX 请求中传递一个令牌,该令牌经过验证,然后在请求开始处理后(显然是在繁重的工作开始之前)失效,您就拥有了一种防止多次提交的方法。
The first thing is that given you're worried about multiple submissions as a result of circumventing client controls (i.e. using Firebug or Fiddler to reissue requests), you can forget about any option which applies controls at the client side (i.e. disabling buttons, JS checks on submission status, etc). This is one you'll have to handle on the server.
Have a look at the synchroniser token pattern. This is commonly used to help prevent CSRF (as is the context in the link), but it's also used to avoid multiple form submissions. If you can pass a token through in your AJAX request which is verified then invalidated after the request begins processing (obviously before the heavy work begins), you've got yourself a means of preventing multiple submissions.