From 56f9553f0ed40474302b00830fc0a7a831833870 Mon Sep 17 00:00:00 2001
From: Sascha Rommelfangen <sascha@rommelfangen.de>
Date: Tue, 9 Apr 2019 13:42:24 +0200
Subject: [PATCH] added black-hole explanation

---
 faq/README.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/faq/README.md b/faq/README.md
index 2104257..6e1fcdc 100644
--- a/faq/README.md
+++ b/faq/README.md
@@ -200,6 +200,14 @@ Afterwards you'll find the csvimport from within the newly created event: "Popul
 
 Don't use from the main site ("Import from...").
 
+
+## Why do I see 'The request has been black-holed' when I submit forms?
+
+That's a security measure for form tampering protection.
+
+All forms have a timeout (~15min) and all of them can only be submitted once. If you use your browser's "back" button and resubmit the form MISP will consider it as a potential attempt at form tampering.
+
+
   <!-- 
   Comment Place Holder
   -->