如果先前的提交仍在进行中,如何拒绝 HTML 表单提交?

发布于 2024-11-13 03:57:41 字数 110 浏览 4 评论 0原文

所以我有这个表单,它使用 AJAX 执行相当长的数据发布,现在我有点偏执,一些聪明的家伙可能会打开 firebug 并重新触发发布过程,而以前的过程仍在进行中。我该如何避免这种情况?

谢谢!

So I have this form which executes a pretty long data posting using AJAX, now I am a bit paranoid that some smart bloke might open firebug and re-trigger posting process, while previous is still in action. How do I avoid this?

Thanks!

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

染墨丶若流云 2024-11-20 03:57:41

您可以:

  • 禁用提交按钮。
  • 防止按下 Enter 键。
  • 从表单标签中删除 action 属性。
  • 首次提交时重定向到另一个页面,并使包含表单的页面过期。

话虽如此,为了防止重新提交,您在前端能做的就只有这么多了——总有办法解决。如果您非常关心这一点,那么服务器端验证也是必要的(并且通常推荐)。

You can:

  • Disable submit buttons.
  • Prevent Enter key presses.
  • Remove action attribute from form tag.
  • Redirect to another page upon first submission and expire the page with form on it.

With that said, there's only so much you can do on the front-end to prevent resubmissions - there's always a way around. If you are so concerned about this, then server-side validation is also necessary (and usually recommended anyway).

柠檬色的秋千 2024-11-20 03:57:41

提交表单时设置一个条件,并添加对表单提交的检查。 jQuery 中的示例:

$('form').submit(function(e) { 

    // If form has been submitted
    if($(this).data('submitted') == true) {
        e.preventDefault();
        return;
    }

    // Set the condition
    $(this).data('submitted',true);

    //...

    //After form has been submitted successfully, release the condition
    $(this).data('submitted',false);
});

这优于禁用部分表单,因为可以从表单中的任何输入进行提交。

Set a condition when submitting the form, and add a check on form submission. Example in jQuery:

$('form').submit(function(e) { 

    // If form has been submitted
    if($(this).data('submitted') == true) {
        e.preventDefault();
        return;
    }

    // Set the condition
    $(this).data('submitted',true);

    //...

    //After form has been submitted successfully, release the condition
    $(this).data('submitted',false);
});

This is preferred to disabling parts of the form, since submission can occur from any input in the form.

新一帅帅 2024-11-20 03:57:41

首先,考虑到您担心由于规避客户端控件(即使用 Firebug 或 Fiddler 重新发出请求)而导致多次提交,您可以忘记在客户端应用控件的任何选项(即禁用按钮、JS检查提交状态等)。这是您必须在服务器上处理的问题。

查看 同步器令牌模式。这通常用于帮助防止 CSRF(如链接中的上下文),但它也用于避免多次表单提交。如果您可以在 AJAX 请求中传递一个令牌,该令牌经过验证,然后在请求开始处理后(显然是在繁重的工作开始之前)失效,您就拥有了一种防止多次提交的方法。

The first thing is that given you're worried about multiple submissions as a result of circumventing client controls (i.e. using Firebug or Fiddler to reissue requests), you can forget about any option which applies controls at the client side (i.e. disabling buttons, JS checks on submission status, etc). This is one you'll have to handle on the server.

Have a look at the synchroniser token pattern. This is commonly used to help prevent CSRF (as is the context in the link), but it's also used to avoid multiple form submissions. If you can pass a token through in your AJAX request which is verified then invalidated after the request begins processing (obviously before the heavy work begins), you've got yourself a means of preventing multiple submissions.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文