Double click submitting form twice is still an issue in 2023... #3614
Tomasz-Silpion
started this conversation in
Ideas
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Check general topic in Web Hypertext Application Technology Working Group whatwg/html#5312 repository.
We've recently released new version of big ecommerce store based on OpenMage and struggled a lot last days with both recaptcha errors reported in logs or many forms submitted more than once and duplicated both in admin and our ERP.
After general research it was spotted that we've forgotten to cover some forms with double click submission protection and it's hard to grasp that still, in late 2023 only Firefox covers such behavior properly.
Native OpenMage forms are not protected enough, let's use fresh install on openmage.dev as an example. Fill the registration form, double click on submit button in Chrome or Edge to spot "email already taken" or no message at all.
Go to contact form, type your message and hit the submission button as crazy to make store owners crazy mad about incoming spam.
I wonder, as long both Alphabet Inc. or Microsoft would not incorporate proper solution to prevent it in Chrome or Edge shouldn't we take the problem in our hands and prevent the problem e.g. with form_key expiration or another protection in the backend?
Sorry for taking such shiny openmage.dev domain but I promise to give it back to organization when needed. Anyway free to use it. Refer to .ddev sample data install for admin credentials.
Beta Was this translation helpful? Give feedback.
All reactions