Read online, there are several methods:
A form in your page HEAD area where adding this code:
<META HTTP-EQUIV="pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache, must-revalidate">
<META HTTP-EQUIV="expires" CONTENT="Wed, 26 Feb 1997 08:21:57 GMT">
2
Generates a token stored in the user session, in the form of adding a hidden field, showed that the value of the token, form submission and re-generate a new token will be submitted by the user token and the session
Comparison of the token, such as the duplication of the same is submitted to
3
Server-side controls in your code to use Response.Redirect ( "selfPage") statement. But most do not use this method a few.
There are many. . .
4
<input type="button" value="Submit">
5
FORM in the JSP page to add a hidden form field
<input type = "hidden" name = "url" value = <% = request.getRequestURL ()%>>
Your serverlet add the following statement
String url = request.getParameter ( "url");
response.sendRedirect (url);
I usually use this method returns the JSP pages, and do not understand what you said What is the concept of duplication refresh
6 ajax submit without refresh
7 Web development to prevent the browser's Refresh button to submit caused by system operators to repeat how solve it? Redirect page refresh can be resolved to bring the data submitted in duplicate, we can use to redirect the natural way to solve this problem. But the struts of the action inside mapping.findword (); jump, then the default is inside the project folder to find the page to jump. Such a situation, how solve it?
Modify the struts-config.xml file, there is a redirect in the action inside the re-orientation of the property, struts default is false, add this attribute into a true, write the forword to jump page in the absolute or relative address on the list amended as follows:
<action-mappings>
<action attribute = "newsActionForm" name = "newsActionForm"
input = "/ addnews.jsp" path = "/ newsAction" parameter = "method"
scope = "request" type = "com.yongtree.news.action.NewsAction">
<forward name="list" path="/listnews.jsp" redirect="true"> </ forward>
<forward name="error" path="/addnews.jsp"> </ forward>
</ action>
</ action-mappings>
Duplicate submission, duplicate refresh, to prevent back problems and treatment
1. Foreword you in any more professional BBS will see such a question, even if you look at Google, will find that there are a lot of people in concern and asked, but we give the solution they are all varied, (some people suggest using a script to solve; some just want to redirect to another page; others raise this issue to the point of Token) Why is there so much difference?
2. . The problem scenarios First of all, we should first understand why to deal with such problems? Or professional point is that it is suitable for a scene that? (It seems that only people to ask no one to explain)
1. Duplicate submission, duplicate submission refresh the scene repeated, repeated refresh is to resolve the issue of duplicate records system. That is the submission of an individual in a number one record (why? May be busy with no dry matter; most likely users simply do not know whether the submission of the results of the implementation of it?!).
But the emergence of such problems and does not necessarily have to deal with, depending on the systems you have developed category. For example, you take over is a resource management system, the system itself from the demand point of view are simply not a "duplicate" records, in such a constrained demand conditions, to carry out repeated actions can only trigger the submission of "business-level exception" generation, is simply impossible to avoid the implementation of successful just do not care to avoid the problem.
2. Understanding of the scene to prevent the duplication of back refreshed, repeated scenes of submission, let's look at "to prevent the back" for operational reasons for that? For example you are in the development of a voting system, it has a lot of steps and the link between these steps, such as the first step will be some information sent to the second step, the second step caches this information, while self - The information sent to the third step. . . . . , Etc. If the user at the third step, we imagine a naughty user's user clicks back button, the screen appears the second step of the page, he again re-submission of the amendment, or to enter into the The next step (that is, the third step), the error will be generated in this? ! What is wrong? The most typical is one such operation led directly to the information for the first step in a loss! (If such information is stored on Request, of course, you can be stored in Session or in a larger context, this is not a good idea! On information stored in the issue, the next in a detailed discussion on this issue)
Three . How to deal with the problem
Of course, many systems (for example, from the demand on their own reservation system, which allowed individuals to repeat booking) is the need to avoid duplication refresh, repeat submission, and the prevention of back problems, but even this problem, we must distinguish between how to deal with and where treatment (online only tell you how to deal with, but rarely to distinguish between where the handle), the obvious way to deal with is no more than two kinds of client-side or server-side, but faced with different ways to handle the position is different , but one thing to have to declare: Any client (especially B / S side) can not be trusted to deal with are the best and the most it should be a server-side approach.
Client-side processing:
The face of the client script we can use Javascript to solve, as
1. Repeat refresh, repeat submission of
Ways One: Set a variable, allowing only be submitted once.
<script language="javascript">
var checkSubmitFlg = false;
function checkSubmit () (
if (checkSubmitFlg == true) (
return false;
)
checkSubmitFlg = true;
return true;
)
document.ondblclick = function docondblclick () (
window.event.returnValue = false;
)
document.onclick = function doconclick () (
if (checkSubmitFlg) (
window.event.returnValue = false;
)
)
</ script>
<html:form action="myAction.do" method="post" οnsubmit="return checkSubmit();">
Way Two: to be submitted to the button or image set to disable
<html: form action = "myAction.do" method = "post"
onsubmit = "getElById ( 'submitInput'). disabled = true; return true;">
<html:image styleId="submitInput" src="images/ok_b.gif" border="0" />
</ html: form>
2. To prevent users from way back here, strange things, some changes to the browser's history, such as the use of window.history.forward () method; some had "a new page with the URL to replace the current historical record, so that browsing history only one page, the back button never becomes available. "For example the use of javascript: location.replace (this.href); event.returnValue = false;
2. Server-side processing (here, only said that Struts framework for processing)
The use of synchronous token (Token) mechanisms to address Web application duplicate questions submitted, Struts also gives a reference implementation.
Basic principle:
Server-side in dealing with requests arrive before the request will be included in the token value stored in the current user's session token value in the comparison,
See if it matches. After processing the request, and in reply sent to the client before, it will generate a new token, which is passed to the client other than the addition will be saved in the user's session token to replace the old. So, if you just fall back to the submission of a user page and resubmit, then pass over the token the client and server-side token on the inconsistent, thus effectively prevent the occurrence of duplicate submission.
if (isTokenValid (request, true)) (
/ / Your code here
return mapping.findForward ( "success");
) Else (
saveToken (request);
return mapping.findForward ( "submitagain");
)
Struts according to the user's session ID and the current system time to generate a unique (for each session) token, the concrete realization can refer to the
TokenProcessor class generateToken () method.
1. / / Verify transaction control token, <html:form> will be automatically identified in the session on behalf of the token generates a hidden input to prevent the two presented
2. In the action of:
/ / <input type = "hidden" name = "org.apache.struts.taglib.html.TOKEN"
/ / Value = "6aa35341f25184fd996c4c918255c3ae">
if (! isTokenValid (request))
errors.add (ActionErrors.GLOBAL_ERROR,
new ActionError ( "error.transaction.token"));
resetToken (request); / / delete session of the token
3. Action has such a method to generate token
protected String generateToken (HttpServletRequest request) (
HttpSession session = request.getSession ();
try (
byte id [] = session.getId (). getBytes ();
byte now [] =
new Long (System.currentTimeMillis ()). toString (). getBytes ();
MessageDigest md = MessageDigest.getInstance ( "MD5");
md.update (id);
md.update (now);
return (toHex (md.digest ()));
) Catch (IllegalStateException e) (
return (null);
) Catch (NoSuchAlgorithmException e) (
return (null);
)
)
Summary
Submitted for repeat, repeat refresh, to prevent the back, and so belong to the system to avoid duplication of records need to be addressed, on the client to deal with the need for each type of the corresponding solution may be made, however, appears to be a server-side but the authenticity of the testing problem for the data, token-based method of processing is once and for all.
At the same time we also see from different angles to look at the problem, its solution is also different. More pursuit of the client is the user's operation, which will focus on server-side processing of data, so in a seemingly easy for server-side issue, with the client to resolve the trouble a lot! On the contrary remain. Therefore, the handling of certain issues that we need comprehensive consideration and balanced, is to use the client to solve them? Still using server-side to deal with them?
878
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
