I maintain a legacy (7yr old) ASP.NET 4.0 WebForm site. Our user base is around 2K-3K concurrent users during peak activity, usually in the spring of each year. I've been able to trap in the code, a user submitting the same webform more than once to the server...however the user is only clicking the submit button once. I've witnessed the activity to verify single-click submission.
For some odd reason, the browser (chrome) is posting the same web form 2,3, sometimes 4 times to the server. It seems to happen to most everyone using the app and varies from once every 5th button click to as high as every 20th button click. These duplicate submissions happen within milliseconds of one another.
Is there a good way for the server to recognize another request from the user and ignore it? Since it appears the browser is the culprit, the page content for the submission would be identical on subsequent submissions.
fwiw, I'm aware of the anti-forgery methods for crossSiteScripting in MVC, but this app is strictly WebForm (no MVC).
I'm not a heavy web programmer, but can learn just about anything. Most of my time is spent in T-SQL. But such is the way with funding for maintaining older apps. :)
(WebApp/LoadBalancer uses sticky-sessions, with ASP.NET State Server supporting 3 web servers for this app, if it matters. Once a user logs in against a specific web server, all traffic from that user stays on that specific web server.)
edit: i did find this: Generating AntiForgeryToken in WebForms which I think is a good solution...need to absorb it for a bit and see how it works in my prototype project.
