Vulnerability in EPiServer.Forms
Hi guys,I've been trying to wrap my head around this bug and I'm quite stuck. Basically, I've been trying to add a form in the products page and when a user tries to add the product to cart, it tries to validate the form first and then when the form is valid, the product is then added into the cart. But I've found a bug when testing it when you try to add a product into the cart and the form is invalid, the product doesn't get into the cart (working as expected) but then when you type in the required fields in the form and add the product into the cart, the product is then added twice. So basically, if you spam the "Add to Cart" button X multiple times, and then try to make the form valid, the product will then be added X multiple times.What I've basically done to check if the form is valid, and if it is, the product will be added into the cart.Here's the code I've done for it.
Any idea why this happens? Any idea on how to fix this one? Thanks!
I'm currently running this on Foundation with CMS version 11.20.5
I've never seen an 'Add to Cart' on an Episerver Form before.
Hi Surjit,I've added this in product.js addToCartClick method.
For now, I've tried to abort the request when the form is invalid. There might be some much better way to handle this though. But this is my workaround as of the moment.