-
Type: Sub-task
-
Status: Resolved
-
Priority: Minor
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 5.7.3
-
Component/s: Web Common
-
Tags:
The problem
Sometime user may double click on buttons / links :
- by mistake or because they think "double clicking is the standard on the web"
- because the app is slow and they think clicking a second time will make the response faster
- ...
Consequences
Double clicking on a button or form can lead to several problems since, this will create concurrent calls to the same Session/Conversation :
- it can trigger a ConcurrentRequestTimeoutException : if the transaction is slow
- the user will be redirected to an error page
- it will execute the transaction twice if the execution time is below the synchronization timeout :
- the action will be executed twice and this will be an issue if the action is not idempotent
- saveDocument would be ok
- lifecycle transition, email notif ... is not ok
- the action will be executed twice and this will be an issue if the action is not idempotent
Solution
Server side
Handling this problem can not be done server side :
- we would need a per form key to detect dual submission
- anyway the browser that does a dual submit will drop the response from the first submit
In some cases, we could have a sanity check for processing that are not idempotent, but anyway this won't solve the problem for real.
Client side
On the client side we can prevent the double click.
This means we must have JS that :
- registers for the onclik event on the buttons / link
- automatically disable all buttons/links once a click has been done
Technically, the SafeEdit lib that was recently introduce does a similar work.
We should extend the SafeEdit lib so that :
- a form that is managed by SafeEdit is automatically "double click shielded"
- we provide a that can be called on page load :
- to make a particular form "double click safe"
- to make all forms in the page