[racket] Question about the double submit bug 'in the wild'
I recently linked my bank account with a university for payment of
tuition fees and such. Once I'd given them all my information I was
presented with a confirmation page showing my details, it had the
following warning beneath it,
WARNING: Do not reload this page. Doing so could submit your financial
information again. Please click the "Go back to portal" button below
to exit.
I remembered this discussion in the continue blog application over at
the help desk, and it was solved using the redirect/get function. Why
isn't this method being used here? Are there gotchas with HTTPS using
this method? Would this be considered bad practise by professionals
not protecting their system against this?
Thanks,
Horace.