[Pdx-pm] Sorry CGI question

Roderick A. Anderson raanders at acm.org
Sun Dec 14 09:07:45 CST 2003

On Fri, 12 Dec 2003, Tom Phoenix wrote:

> Isn't there a module on CPAN for this? I couldn't find it, but my sleepy
> brain probably didn't think of the right search term.

I couldn't think of a good choice either and it was late in the day after 
a very early morning.

> If you're using a form, browsers are not supposed to blindly re-use a POST
> action without asking the user. Not that you can completely rely upon that
> happening... :-)  Of course, GET requests, such as clicking on link text,
> may be reused without any problem. So it sounds like this is a job for a
> POST, for one thing.

It is using HTTPS (on a Windows IIS system) and I'm a valid user on that 
system so the session certificate (?) doesn't expire as the system is used 
for several other processes that I access many times a day.

> I think you want to do something like this: Include something that makes
> each request unique, so that you'll know if the "same" form is used twice.
> For example, each time you generate the form, include some random data
> item, such as 'random_id=12345987'. (Or the equivalent as a form element,
> or whatever.)

I'd been thinking of this.  After looking at Randall's one-click I'll know 
which is better for this setup.

    "Open Source Software - You usually get more than you pay for..."
     "Build A Brighter Lamp :: Linux Apache {middleware} PostgreSQL"

More information about the Pdx-pm-list mailing list