From a8326516440d686263cb5712bc87ae39c6b8df37 Mon Sep 17 00:00:00 2001
From: Chris Angelico
Date: Tue, 10 Dec 2024 11:10:29 +1100
Subject: [PATCH] Warn and reject if a nonce is rapidly reused
---
 modules/http/chan_form.pike | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/modules/http/chan_form.pike b/modules/http/chan_form.pike
index ee20d072..978026fb 100644
--- a/modules/http/chan_form.pike
+++ b/modules/http/chan_form.pike
@@ -352,6 +352,10 @@ __async__ mapping(string:mixed) http_request(Protocols.HTTP.Server.Request req)
 if (!resp[formid]) resp[formid] = ([]);
 if (mapping p = resp[formid]->permissions[?nonce]) {
 //The permission is no longer available.
+ if (p->used) {
+ werror("FORM REUSED %O\n", nonce);
+ return; //Silently ignore the second one (for now)
+ }
 p->used = 1;
 }
 resp[formid]->responses += ({response});
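Review bot: The new reuse guard only runs inside `if (mapping p = resp[formid]->permissions[?nonce])`, so a request whose nonce has no entry in `permissions` skips it and still reaches `resp[formid]->responses += ({response});`. Whether an earlier check in http_request (which starts and ends outside this hunk) rejects unknown or missing nonces is not visible here; if none does, the single-use guarantee holds only while the entry stays in the mapping, and that is worth confirming. For triage of replays, the log line would be more useful with the form id, e.g. `werror("FORM REUSED %O on form %O\n", nonce, formid);`. The bare `return;` in a function declared to return `mapping(string:mixed)` also deserves a comment saying what the client receives in that case.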