token防止表单重复提交

出现表单重复提交的三种情况:

一、服务器响应缓慢,用户多次点击提交按钮。

二、提交成功后刷新页面。

三、提交成功后返回表单页面再次点击提交。

package com.jalja.token;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.UUID;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class UserServlet  extends HttpServlet{
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doPost(request, response);
    }
    public void doPost(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {
        request.setCharacterEncoding("utf-8");
        response.setContentType("text/html;charset=utf-8");
        String contextPath=request.getContextPath();
        String requestURI=request.getRequestURI();
        String path=requestURI.substring(contextPath.length()+1, requestURI.length());
        String token="";
        if(path.equals("index.do")){
            token = UUID.randomUUID().toString();//创建令牌
            System.out.println("在FormServlet中生成的token:"+token);
            request.getSession().setAttribute("token", token);  //在服务器使用session保存token(令牌)
            request.getRequestDispatcher("/index.jsp").forward(request, response);//跳转到form.jsp页面
        }
        if(path.equals("token.do")){
            String name=request.getParameter("username");
            String tokenValue=request.getParameter("tokenValue");//获取客户端的Token
            System.out.println("获取客户端的token:"+tokenValue);
            String server_token = (String) request.getSession().getAttribute("token");//获取服务器端的token
            if(tokenValue!=null && server_token!=null && server_token.equals(tokenValue)){
                System.out.println("处理请求; 获得name==》"+name);
                try {
                    Thread.sleep(3*1000);//模拟网络延迟
                } catch (InterruptedException e) {
                    e.printStackTrace();
                }
            }else{
                System.out.println("不处理");

            }
            request.getSession().removeAttribute("token");//每次处理玩请求都要移除掉token
        }
    }
    
}
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML>
<html>
  <head>
    <title>Form表单</title>
  </head>
  <body>
      <h2>防止表单重复提交</h2>
      <form action="${pageContext.request.contextPath}/token.do"  method="post">
         <input type="hidden" value="${token}" name="tokenValue"/>
                 用户名:<input type="text" name="username"/>
        <input type="submit" value="提交" id="submit"/>
    </form>
  </body>
</html>
<?xml version="1.0" encoding="UTF-8"?>  
<web-app version="2.5"   
    xmlns="http://java.sun.com/xml/ns/javaee"   
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"   
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee   
    http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> 
    <servlet>  
        <servlet-name>token</servlet-name>  
        <servlet-class>com.jalja.token.UserServlet</servlet-class>  
        <load-on-startup>1</load-on-startup>  
    </servlet>  
    <servlet-mapping>  
        <servlet-name>token</servlet-name>  
        <url-pattern>*.do</url-pattern>  
    </servlet-mapping>   
</web-app>

 

posted @ 2017-08-25 14:23  岁月淡忘了谁  阅读(1235)  评论(1编辑  收藏  举报