[racket] Question about the double submit bug 'in the wild'

From: Horace Dynamite (horace.dynamite at gmail.com)
Date: Fri Aug 20 18:19:23 EDT 2010

Previous message: [racket] Remote execution in Racket
Next message: [racket] Question about the double submit bug 'in the wild'
Messages sorted by: [date] [thread] [subject] [author]

I recently linked my bank account with a university for payment of
tuition fees and such. Once I'd given them all my information I was
presented with a confirmation page showing my details, it had the
following warning beneath it,

WARNING: Do not reload this page. Doing so could submit your financial
information again. Please click the "Go back to portal" button below
to exit.

I remembered this discussion in the continue blog application over at
the help desk, and it was solved using the redirect/get function. Why
isn't this method being used here? Are there gotchas with HTTPS using
this method? Would this be considered bad practise by professionals
not protecting their system against this?

Thanks,

Horace.

Posted on the users mailing list.

Previous message: [racket] Remote execution in Racket
Next message: [racket] Question about the double submit bug 'in the wild'
Messages sorted by: [date] [thread] [subject] [author]