Stop Refresh from Resubmitting Form

Question

I did my research and found this page:

How do I stop the Back and Refresh buttons from resubmitting my form?

I would prefer if I could avoid using the Post-Redirect-Get pattern and instead have some variable change in the form when I submit it the first time. However, I don't know how this would be done because when you hit refresh the idea is you are resubmitting the form you just submitted. Any suggestions?

Answer 1

This is usually dealt with via a redirect after the POST request. Clicking back will simply redirect the user away again. I know you mention you want to avoid this but I can't see any valid reasons.

Answer 2

When a browser is told to refresh, it re-sends the last request that it sent. If the last request sent was a form submission, then the form will be re-submitted. There's no way around that because that's simply how the model works.

To prevent undesired effects, you have to either:

• use post-redirect-get, so that the last request (the one that gets re-sent) will be one which reads the results of your form submission rather than the form submission itself or
• put an identifier in the form so that the re-submission can be ignored by the server (although the user will still see the "do you want to re-submit?" confirmation)

I am not aware of any other options and, given the way that "refresh" works, I don't really see how there could be any others. Of those two choices, post-redirect-get gives the cleanest user experience and is the most theoretically "pure" use of HTTP verbs, so it is generally preferred and, IMO, the correct solution.

Answer 3

Send a unique form identifier, such as a UUID, with the form, in a hidden field. Keep track of which UUIDs you've already seen (perhaps per-session, so your database doesn't grow without limit or need occasional trimming) and silently ignore re-submissions.