
Secure Client Server Form Validation
Preventing Double Form Submission
Preventing multiple submissions of a form is a requirement in just about every case.
If multiple submissions are not checked for, the result can be duplicate data, corrupt data, or multiple purchases. There are various ways that forms can be submitted
more than once. The user might hit the back button, or hit the submit button more
than once, or an attacker might send direct POST requests to the application.
Here are two methods for preventing multiple form submission: the Post-Redirect-Get pattern and tracking form tokens.
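The two methods combined, as an added example that is not code from the original text: a single-use token is issued with the form, consumed on the first POST, and the response is a redirect. The names `FormTokenStore`, `handle_post`, `form_token` and `/order/complete` are assumptions made for illustration, and the in-memory store stands in for real session storage.

```python
import secrets
import threading


class FormTokenStore:
    """Tracks single-use form tokens per session (hypothetical in-memory helper)."""

    def __init__(self):
        self._lock = threading.Lock()
        self._issued = {}  # session_id -> set of tokens not yet submitted

    def issue(self, session_id):
        """Call when rendering the form; embed the result in a hidden field."""
        token = secrets.token_urlsafe(32)
        with self._lock:
            self._issued.setdefault(session_id, set()).add(token)
        return token

    def consume(self, session_id, token):
        """Return True exactly once per issued token, False on any repeat."""
        # Check and removal happen under one lock so that two concurrent
        # requests (a double click) cannot both pass the check.
        with self._lock:
            outstanding = self._issued.get(session_id, set())
            if token in outstanding:
                outstanding.remove(token)
                return True
            return False


def handle_post(store, orders, session_id, form):
    """Process a purchase POST; returns (status_code, headers)."""
    if not store.consume(session_id, form.get("form_token")):
        # Back-button resubmit, double click, or a direct POST with no valid token.
        return 409, {}
    orders.append(form["item"])
    # Post-Redirect-Get: 303 makes the browser issue a GET for the result page,
    # so a refresh re-requests that page instead of re-sending the POST.
    return 303, {"Location": "/order/complete"}
```
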
Post-Redirect-Get Pattern for Form Processing
P