Cancel Reproduction Fetch Requests in JavaScript Enhanced Bureaucracy

For those who’ve ever use JavaScript fetch API to reinforce a sort submission, there’s a superb opportunity you’ve unintentionally offered a duplicate-request/race-condition trojan horse. These days, I’ll stroll you thru the problem and my suggestions to steer clear of it.

(Video on the finish for those who choose that)

Let’s believe an overly fundamental HTML shape with a unmarried enter and a put up button.

<shape way="publish">
  <label for="title">Identify</label>
  <enter identification="title" title="title" />

After we hit the put up button, the browser will do an entire web page refresh.

Understand how the browser reloads after the put up button is clicked.

The web page refresh isn’t at all times the revel in we wish to be offering our customers, so a commonplace selection is to make use of JavaScript so as to add an tournament listener to the shape’s “put up” tournament, save you the default habits and put up the shape information the usage of the fetch API.

A simplistic way would possibly appear to be the instance beneath. After the web page (or part) mounts, we snatch the shape DOM node, upload an tournament listener that constructs a fetch request the usage of the shape motion, way, and information, and on the finish of the handler, we name the development’s preventDefault() way.

const shape = report.querySelector('shape');
shape.addEventListener('put up', handleSubmit);

serve as handleSubmit(tournament) {
  const shape = tournament.currentTarget;
  fetch(shape.motion, {
    way: shape.way,
    frame: new FormData(shape)


Now, earlier than any JavaScript hotshots get started tweeting at me about GET vs. POST and request frame and Content material-Kind and no matter else, let me simply say, I do know. I’m holding the fetch request intentionally easy as a result of that’s now not the principle center of attention.

The important thing challenge here’s the tournament.preventDefault(). This technique prevents the browser from appearing the default habits of loading the brand new web page and filing the shape.

Now, if we have a look at the display and hit put up, we will see that the web page doesn’t reload, however we do see the HTTP request in our community tab.

Understand the browser does now not do a complete web page reload.

Sadly, through the usage of JavaScript to forestall the default habits, we’ve in truth offered a trojan horse that the default browser habits does now not have.

After we use simple HTML and also you ruin the put up button a host of instances truly briefly, you’ll understand that the entire community requests with the exception of the latest one flip pink. This means that they had been canceled and most effective the latest request is commemorated.

If we examine that to the JavaScript instance, we will be able to see that all the requests are despatched and they all whole with none being canceled.

This can be a subject matter as a result of even though every request would possibly take a special period of time, they may unravel in a special order than they had been initiated. This implies if we upload capability to the answer of the ones requests, we would possibly have some sudden habits.

For instance, shall we create a variable to increment for every request (“totalRequestCount“). Each time we run the handleSubmit serve as we will increment the full depend in addition to seize the present quantity to trace the present request (“thisRequestNumber“). When a fetch request resolves, we will log its corresponding quantity to the console.

const shape = report.querySelector('shape');
shape.addEventListener('put up', handleSubmit);

let totalRequestCount = 0

serve as handleSubmit(tournament) {
  totalRequestCount += 1
  const thisRequestNumber = totalRequestCount 
  const shape = tournament.currentTarget;
  fetch(shape.motion, {
    way: shape.way,
    frame: new FormData(shape)
  }).then(() => {

Now, if we ruin that put up button a host of instances, we would possibly see other numbers revealed to the console out of order: 2, 3, 1, 4, 5. It will depend on the community pace, however I believe we will all agree that this isn’t superb.

Believe a situation the place a person triggers a number of fetch requests in shut succession and upon of entirety, your utility updates the web page with their adjustments. The person may just in the long run see faulty data because of requests resolving out of order.

This can be a non-issue within the non-JavaScript global since the browser cancels any earlier request and so much the web page after the latest request completes, loading essentially the most up-to-date model. However web page refreshes aren’t as horny.

The excellent news for JavaScript enthusiasts is that we will have each a horny person revel in AND a constant UI!

We simply want to do somewhat extra legwork.

For those who have a look at the fetch API documentation, you’ll see that it’s conceivable to abort a fetch the usage of an AbortController and the sign assets of the fetch choices. It appears one thing like this:

const controller = new AbortController();
fetch(url, { sign: controller.sign });

Via offering the AbortContoller‘s sign to the fetch request, we will cancel the request any time the AbortContoller‘s abort way is prompted.

You’ll see a clearer instance within the JavaScript console. Check out developing an AbortController, starting up the fetch request, then straight away executing the abort way.

const controller = new AbortController();
fetch('', { sign: controller.sign });

You must straight away see an exception revealed to the console. In Chromium browsers, it must say, “Uncaught (in promise) DOMException: The person aborted a request.” And for those who discover the Community tab, you must see a failed request with the Standing Textual content “(canceled)”.

The Chrome dev tools opened to the network with the JavaScript console open. In the console is the code "const controller = new AbortController();fetch('', { signal: controller.signal });controller.abort()", followed by the exception, "Uncaught (in promise) DOMException: The user aborted a request." In the network, there is a request to "localhost" with the status text "(canceled)"

With that during thoughts, we will upload an AbortController to our shape’s put up handler. The good judgment will likely be as follows:

  • First, take a look at for an AbortController for any earlier request. If one exists, abort it.
  • Subsequent, create an AbortController for the present request that may be aborted on next requests.
  • In spite of everything, when a request resolves, take away its corresponding AbortController.

There are a number of techniques to do that, however I’ll use a WeakMap to retailer relationships between every submitted <shape> DOM node and its respective AbortController. When a sort is submitted, we will take a look at and replace the WeakMap accordingly.

const pendingForms = new WeakMap();

serve as handleSubmit(tournament) {
  const shape = tournament.currentTarget;
  const previousController = pendingForms.get(shape);

  if (previousController) {
  const controller = new AbortController();
  pendingForms.set(shape, controller);

  fetch(shape.motion, {
    way: shape.way,
    frame: new FormData(shape),
    sign: controller.sign,
  }).then(() => {

const bureaucracy = report.querySelectorAll('shape');
for (const type of bureaucracy) {
  shape.addEventListener('put up', handleSubmit);

The important thing factor is with the ability to affiliate an abort controller with its corresponding shape. The usage of the shape’s DOM node because the WeakMap‘s secret’s a handy manner to try this. With that during position, we will upload the AbortController‘s sign to the fetch request, abort any earlier controllers, upload new ones, and delete them upon of entirety.

Confidently, that each one is sensible.

Now, if we ruin that shape’s put up button a host of instances, we will see that all the API requests with the exception of the latest one get canceled.

This implies any serve as responding to that HTTP reaction will behave extra as you can be expecting. Now, if we use that very same counting and logging good judgment we have now above, we will ruin the put up button seven instances and would see six exceptions (because of the AbortController) and one log of “7” within the console. If we put up once more and make allowance sufficient time for the request to unravel, we’d see “8” within the console. And if we ruin the put up button a host of instances, once more, we’ll proceed to peer the exceptions and ultimate request depend in the precise order.

If you wish to upload some extra good judgment to steer clear of seeing DOMExceptions within the console when a request is aborted, you’ll upload a .catch() block after your fetch request and take a look at if the mistake’s title suits “AbortError“:

fetch(url, {
  sign: controller.sign,
}).catch((error) => {
  // If the request used to be aborted, do not anything
  if (error.title === 'AbortError') go back;
  // In a different way, deal with the mistake right here or throw it again to the console
  throw error


This entire publish used to be centered round JavaScript-enhanced bureaucracy, but it surely’s most probably a good suggestion to incorporate an AbortController any time you create a fetch request. It’s truly too unhealthy it’s now not constructed into the API already. However optimistically this presentations you a excellent way for together with it.

It’s additionally value citing that this way does now not save you the person from spamming the put up button a host of instances. The button continues to be clickable and the request nonetheless fires off, it simply supplies a extra constant manner of coping with responses.

Sadly, if a person does unsolicited mail a put up button, the ones requests would nonetheless pass on your backend and may just use devour a host of pointless assets.

Some naive answers could also be disabling the put up button, the usage of a debounce, or most effective developing new requests after earlier ones unravel. I don’t like those choices as a result of they depend on slowing down the person’s revel in and most effective paintings at the client-side. They don’t deal with abuse by means of scripted requests.

To deal with abuse from too many requests on your server, you can most probably wish to arrange some fee proscribing. That is going past the scope of this publish, but it surely used to be value citing. It’s additionally value citing that fee proscribing doesn’t remedy the unique downside of reproduction requests, race prerequisites, and inconsistent UI updates. Preferably, we must use each to hide each ends.

Anyway, that’s all I’ve were given for these days. If you wish to watch a video that covers this identical matter, watch this.

Thanks such a lot for studying. For those who appreciated this text, and wish to give a boost to me, the most productive techniques to take action are to proportion it, join my publication, and practice me on Twitter.

Firstly revealed on

0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments
Back To Top
Would love your thoughts, please comment.x