What form will appear when the duplicate submission

1. Repeat submit the form

①: Repeat submission: submit the form to a Servlet, and servlet request forwarded by the way they respond to a jsp (html), this time the address bar is the first time the servlet request to the address bar, in response to refresh the page, there will be repeated submit. Redirect will not

Solution: Do not forwarded to another page, using redirection way to jump to the target page

response.sendRedirect(request.getContextPath()+"/background/main.jsp");

②: When the form is submitted, if speed is poor, may lead to click the submit button several times, this can lead to a form submitted to repeat

Solution: After submission, the button is set to not use (js)

<Script type = "text / JavaScript"> 
    the window.onload = function () { 
        // Get button object 
        var BTN = document.getElementById ( "BTN"); 
        // bind the button click response function 
        btn.onclick = function () {      
            later // click button unavailable 
            this.disabled = to true;   
            // when the submit button is set to unavailable, automatically cancels its default behavior 
            // manual submission form 
            this.parentNode.submit ();   
        } ; 
    }; 
</ Script> 
......

<input type="submit" value="提交" id="btn">

③: After the form is submitted successfully, simply click rollback button on the browser, without refreshing the page, and then click the submit button to submit the form again

Solution: Add a tag in the jsp 
reg.jsp:

<%@page import="java.util.UUID"%>
<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<%//java代码
    //随机出现一个令牌，转成String，并且去除其中的“-”
    String uuid = UUID.randomUUID().toString().replace("-", "");
    
<body>, UUID);

    session.setAttribute ( "token1"the generated session token into domain//
    %>
  
    <form action="regServlet" method="post">
        <input type="hidden" name="token" value="<%=uuid%>"/>
        用户名：<input type="text" name="name"><br>
        密&nbsp;&nbsp;码： <input type="password" name="pwd"><br>
        <input type="submit" value="注册">
    </form>
    
</body>
</html>

RegServlet.java

package com.hpe.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@WebServlet("/regServlet")
public class RegServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;
       
    public RegServlet() {
        super();
    }

    protected  void the doGet (the HttpServletRequest Request, the HttpServletResponse Response) throws ServletException, IOException { 
    } 

    protected  void the doPost (the HttpServletRequest Request, the HttpServletResponse Response) throws ServletException, IOException { 
        Request.setCharacterEncoding ( "UTF-. 8" );
         // get the user request parameters
         // Get reg token in the token, preventing the user resubmit
         // Get <input> tag token 
        String = request.getParameter token ( "token" );
         // Get the session token 
        String token1 = (String) request.getSession () .getAttribute ( "token1");
         // two tokens determination, equal, to: register corresponds successfully remove the session token,
         @              as after successful registration, the session empty, two tokens are not equal, the determination is repeatedly submit 
        IF ( token.equals (token1)) { 
            System.out.println ( "registered successfully" ); 
            Request.getSession () removeAttribute (. "token1" );
             // forwards the request - generally used in a shared data request (the setAttribute)
             // Why would produce duplicate submission ---
             // forwarding address bar has not changed, still regServlet, refresh the equivalent of re-request a regServlet, then perform a 
            request.getRequestDispatcher ( "/ index.jsp" ) .forward (request, the Response ); 
        } the else { 
            System.out.println ("Registration failed, repeat submission" ); 
            request.getRequestDispatcher ( "/index.jsp" ) .forward (Request, the Response); 
        } 
        
        // to assign parameters to the entity class properties 
        
        // call the service method 
        
        // determine whether the registration was successful 
        
        
        
        
        
    } 

}

Hazard resubmit the form of:
         - a lot of duplication and insertion of data does not make sense to the database, tying up server resources
         - server processes the request and did not check whether the request is a duplicate request, leading to malicious attacks

2. The situation is not to repeat the

①: registered, click back, refresh the original form page, not to repeat

Because, in the registration page refreshes, equivalent to re-register a new user.