Bug 6223

Summary: can click login multiple times and accidentally get multiple sessions
Product: ThinLinc Reporter: Pierre Ossman <ossman@cendio.se>
Component: Web AccessAssignee: Samuel Mannehed <samuel@cendio.se>
Status: CLOSED FIXED QA Contact: Bugzilla mail exporter <bugzilla-qa@cendio.se>
Severity: Normal    
Priority: P2 CC: astrand@cendio.se
Version: 1.3.1Keywords: ossman_tester, relnotes
Target Milestone: 4.9.0   
Hardware: PC   
OS: Unknown   
Acceptance Criteria:

Description From cendio 2017-04-04 15:29:01
Originally reported on bug 5953.

It's possible to click the Login button several times (e.g. doing a double
click) and having the server create multiple sessions. Ideally we want to make
sure that the current transaction is done before we allow the user to start

Note that this is still an issue even if bug 5953 is fixed. On a system which
allows multiple sessions you still don't want to have users accidentally create
extra sessions they don't know about.

Bug 5953 also has a quick and dirty patch for this which could be used as a
basis for a proper fix.
------- Comment #4 From cendio 2017-05-22 14:30:22 -------
The login button is now disabled after submitting the login form.
------- Comment #5 From cendio 2017-05-29 17:05:54 -------
Works well. Tested in Firefox, Chrome, Safari[1], IE and Edge.

[1] The UI doesn't update in Safari once you've clicked, so you don't see it as
disabled. It is properly disabled though.