[whatwg] [Input type=submit] "Disable" after submitting
Kornel
kornel at geekhood.net
Tue Jan 26 07:22:42 PST 2010
On 26 Jan 2010, at 14:34, Aaron Bassett wrote:
>
> Ensuring that your server-side form handler can detect and properly
> deal with multiple submissions?
>
> Client-side validation should only ever supplement server-side
> validation, never replace it. The reason for client-side validation is
> to improve the user experience, it allows for common data entry
> problems to be detected and the user notified without a round trip to
> the server. IMHO disabling the submit button does not add anything to
> the user's experience, so there is no reason to do it. Unless you are
> too lazy to have proper server-side validation? ;)
I agree that in cases when it's important that duplicate submissions
are stopped (placing orders, etc.), there must be server-side
protection.
However it's not always essential (e.g. for idempotent actions or in
chat applications) and in these cases authors may be OK with weak
protection.
There are benefits of client-side prevention regardless of server-side
validation:
- if form is large (long wiki page or file upload), it saves time and
bandwidth.
- if client-side handles most cases, then server-side check for
duplicate submission becomes mainly a fallback and security measure,
and doesn't need to be as user-friendly (i.e. it would suffice if it
replied with error instead of having to silently redirect to previous
submission's result). This simplifies server-side implementation.
--
regards, Kornel
More information about the whatwg
mailing list