We could try a little harder to make revision creation idempotent, preventing duplicate postings by users on spotty connections(cafe wifi, etc).
A unique token is generated per form in a hidden field
After committing the database transaction creating a new revision put the revision id into a memcache key named after the token with a 30 minute(arbitrary) timeout
On submission of a token we check the memcache key named after the token, if it exists we load the saved revision and output the same api response creation would have
There is still a race condition, submitting two requests at the same time could still create two revisions. We can also check the memcache key just before committing the transaction to reduce the size of this race condition.