Replay protection

A no-replay token protects client area actions, which is appended to action URLs.

It prevents end-users from revisiting a URL which may perform an action on their Virtual Machine (VM).

For example, a VM could be shutdown just by visiting the URL. The no-replay token guards against this.

This does mean that you can't refresh a page to re-run an action on a VM, which may be possible with other modules.

For more information see this issue.