CSRF and double posting
#1

(This post was last modified: 06-18-2016, 11:09 PM by PaulD. Edit Reason: Added clarification )

Hi,

I have the latest CI and CSRF is enabled and working. But I noticed that if I double-click really, really quickly on the submit button, I can still post twice. In this case I am submitting to a controller that, upon success, redirects and refreshes to another controller. I thought, because the CSRF was regenerated, the second submit would not work.

To prevent this, because it is annoying me now, do I have to resort to some JavaScript to prevent the double click?

Just in case I am doing something wrong (although I am pretty sure I am not), here is my CSRF config:
PHP Code:
$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'csrfbpbtok';
$config['csrf_cookie_name'] = 'csrfbpb';
$config['csrf_expire'] = 7200;
$config['csrf_regenerate'] = TRUE;
$config['csrf_exclude_uris'] = array(); 

And the form is outputting the CSRF code:
Code:
<form action="...my url..." method="post" accept-charset="utf-8">
<input type="hidden" name="csrfbpbtok" value="19ac6f0516d5e63e665f3a59bf350f99" style="display:none;" />

Am I just tired and doing something daft? Or is the very quick double click a separate issue entirely? After all, the CSRF stops other people faking posts, not double clicks. But shouldn't the regenerated token prevent it?

Thanks in advance,

Paul.
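
Why both clicks pass, as an added example that is not part of the original post or of CodeIgniter's own code: CodeIgniter 3's CSRF check compares the posted field with the CSRF cookie, and the regenerated cookie only reaches the browser with the first response, so a second request sent before then still carries a matching pair. The sketch models that check and contrasts it with a hypothetical single-use form token held server-side (`csrf_check`, `issue_form_token`, `consume_form_token` and the `form_token` field are assumed names, the array stands in for the session store, all values are constructed, PHP 7+ assumed).

```php
<?php
// Model of a cookie-based (double-submit) CSRF check: the request passes
// when the posted field equals the cookie the browser sent with it.
function csrf_check(array $post, array $cookie): bool
{
    return isset($post['csrfbpbtok'], $cookie['csrfbpb'])
        && hash_equals($cookie['csrfbpb'], $post['csrfbpbtok']);
}

// Hypothetical single-use token, remembered server-side when the form is rendered.
function issue_form_token(array &$session): string
{
    $token = bin2hex(random_bytes(16));
    $session['form_tokens'][$token] = true;
    return $token;
}

// True only the first time a token is presented; the token is then forgotten.
function consume_form_token(array &$session, string $token): bool
{
    if (!isset($session['form_tokens'][$token])) {
        return false;
    }
    unset($session['form_tokens'][$token]);
    return true;
}

// Constructed sample data: one rendered form, submitted twice by a double click.
$session = [];
$csrf    = str_repeat('a', 32);
$click   = [
    'post'   => ['csrfbpbtok' => $csrf, 'form_token' => issue_form_token($session)],
    'cookie' => ['csrfbpb' => $csrf],
];

// Both requests leave the browser before the first response (and its
// regenerated CSRF cookie) arrives, so they are byte-for-byte identical.
foreach ([1, 2] as $n) {
    $csrfOk = csrf_check($click['post'], $click['cookie']);
    $insert = $csrfOk && consume_form_token($session, $click['post']['form_token']);
    printf("click %d: csrf=%s insert=%s\n", $n, $csrfOk ? 'pass' : 'fail', $insert ? 'yes' : 'no');
}
```

The check-and-forget step must not interleave between the two requests; PHP's default file-based session handler holds a lock on the session for the duration of a request, which serializes them.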


