如何防止“确认表单重新提交"对话? [英] How to prevent the "Confirm Form Resubmission" dialog?
问题描述
如何在提交后清理表单中的信息,以便在页面刷新后不显示此错误?
How do I clean information in a form after submit so that it does not show this error after a page refresh?
查看图片(来自 chrome):
See image (from chrome):
对话框有文字:
您要查找的页面已使用
您输入的信息.回到那个
页面可能会导致您采取的任何操作
重复.要继续吗?
The page that you're looking for used
information that you entered. Returning to that
page might cause any action you took to be
repeated. Do you want to continue?
我不想出现这个对话框.
I want this dialog not to appear.
推荐答案
自从我最初发布这个答案已经有几年了,尽管我得到了一些赞成票,我还是对我之前的回答不太满意,所以我完全重做了.我希望这会有所帮助.
It's been a few years since I originally posted this answer, and even though I got a few upvotes, I'm not really happy with my previous answer, so I have redone it completely. I hope this helps.
摆脱此错误消息的一种方法是让您的表单使用 GET 而不是 POST.请记住,这并不总是合适的解决方案(请阅读下文).
One way to get rid of this error message is to make your form use GET instead of POST. Just keep in mind that this is not always an appropriate solution (read below).
如果您正在执行不想重复的操作,如果正在传输敏感信息,或者您的表单包含文件上传或所有数据的长度,请始终使用 POST发送的长度超过 ~2000 个字符.
何时使用 POST 的示例包括:
Examples of when to use POST would include:
- 登录表单
- 联系表格
- 提交付款表格
- 从数据库中添加、编辑或删除条目的东西
- 一个图像上传器(注意,如果使用带有
字段的GET,只有文件名将被发送到服务器,在 99.73% 的情况下,这不是您想要的.) - 一个包含多个字段的表单(如果使用 GET 会创建一个很长的 URL)
- A login form
- A contact form
- A submit payment form
- Something that adds, edits or deletes entries from a database
- An image uploader (note, if using
GETwith an<input type="file">field, only the filename will be sent to the server, which 99.73% of the time is not what you want.) - A form with many fields (which would create a long URL if using GET)
在任何这些情况下,您都不希望人们刷新页面并重新发送数据.如果您要发送敏感信息,使用 GET 不仅不合适,而且会造成安全问题(即使表单是通过 AJAX 发送的),因为敏感项目(例如用户密码)是在URL,因此将显示在服务器访问日志中.
In any of these cases, you don't want people refreshing the page and re-sending the data. If you are sending sensitive information, using GET would not only be inappropriate, it would be a security issue (even if the form is sent by AJAX) since the sensitive item (e.g. user's password) is sent in the URL and will therefore show up in server access logs.
使用 GET 基本上可以用于其他任何事情.这意味着,当您不介意它是否重复时,对于您可以提供直接链接的任何内容,当没有传输敏感信息时,当您非常确定您的 URL 长度不会失控时,并且当您的表单没有任何文件上传时.
Use GET for basically anything else. This means, when you don't mind if it is repeated, for anything that you could provide a direct link to, when no sensitive information is being transferred, when you are pretty sure your URL lengths are not going to get out of control and when your forms don't have any file uploads.
示例包括:
- 在搜索引擎中执行搜索
- 用于浏览网站的导航表单
- 使用随机数或一次性密码(例如电子邮件中的取消订阅"链接)执行一次性操作.
在这些情况下,POST 是完全不合适的.想象一下,如果搜索引擎使用 POST 进行搜索.每次刷新页面时,您都会收到此消息,而且您无法将结果 URL 复制并粘贴给其他人,他们必须自己手动填写表单.
In these cases POST would be completely inappropriate. Imagine if search engines used POST for their searches. You would receive this message every time you refreshed the page and you wouldn't be able to just copy and paste the results URL to people, they would have to manually fill out the form themselves.
对我来说,在大多数情况下,即使弹出确认表单重新提交"对话框也表明存在设计缺陷.由于 POST 用于执行破坏性操作的本质,网页设计师应该防止用户因意外(或故意)刷新页面而多次执行这些操作.许多用户甚至不知道此对话框的含义,因此只需单击继续".如果那是在提交付款"请求之后呢?付款会再次发送吗?
To me, in most cases even having the "Confirm form resubmission" dialog pop up shows that there is a design flaw. By the very nature of POST being used to perform destructive actions, web designers should prevent users from ever performing them more than once by accidentally (or intentionally) refreshing the page. Many users do not even know what this dialog means and will therefore just click on "Continue". What if that was after a "submit payment" request? Does the payment get sent again?
那你怎么办?幸运的是,我们有 Post/Redirect/Get 设计模式.用户向服务器提交 POST 请求,服务器将用户的浏览器重定向到另一个页面,然后使用 GET 检索该页面.
So what do you do? Fortunately we have the Post/Redirect/Get design pattern. The user submits a POST request to the server, the server redirects the user's browser to another page and that page is then retrieved using GET.
这是一个使用 PHP 的简单示例:
Here is a simple example using PHP:
if(!empty($_POST['username'] && !empty($_POST['password'])) {
$user = new User;
$user->login($_POST['username'], $_POST['password']);
if ($user->isLoggedIn()) {
header("Location: /admin/welcome.php");
exit;
}
else {
header("Location: /login.php?invalid_login");
}
}
请注意,在此示例中,即使密码不正确,我仍然重定向回登录表单.要向用户显示无效的登录消息,只需执行以下操作:
Notice how in this example even when the password is incorrect, I am still redirecting back to the login form. To display an invalid login message to the user, just do something like:
if (isset($_GET['invalid_login'])) {
echo "Your username and password combination is invalid";
}
这篇关于如何防止“确认表单重新提交"对话?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
