rails-hidden_autocomplete 0.3.0 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +4 -0
- data/config/initializers/rails-hidden_autocomplete.rb +2 -0
- data/lib/rails/hidden_autocomplete/action_view/helpers/form_tag_helper.rb +4 -0
- data/lib/rails/hidden_autocomplete/action_view/helpers/tags/base.rb +30 -0
- data/lib/rails/hidden_autocomplete/action_view/helpers/tags/check_box.rb +16 -0
- data/lib/rails/hidden_autocomplete/version.rb +1 -1
- data/lib/rails/hidden_autocomplete.rb +2 -0
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0c7a9e4853b0f4ff53ebb7a25d4b94dc8197b888d264dd1eb5b064241a63ad8e
|
|
4
|
+
data.tar.gz: 3fea7c3aaafc9c54ea3d0ec5009ace7232b9ee95d1db12c3bfc35f460a90b975
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 64929edf453f4f8112694c8b22370a1d71874e1cd93cb35187f5eb5b4ae2f5d3d0cece4bcf69e502f051feb861b1c9baedf58397912cb8146829d1c1009b7d9c
|
|
7
|
+
data.tar.gz: 2389c9123be817e711678654516d4c53ce30e6a795b4d1c6b4d119557cb7289f32433eb8a7cc271ec53a22cabc9787ab013585da8ef75333fe8a32fbd4f6cde1
|
data/README.md
CHANGED
|
@@ -1,6 +1,10 @@
|
|
|
1
1
|
# rails-hidden_autocomplete
|
|
2
2
|
This is a Rails plugin to add `autocomplete="off"` to all hidden form inputs generated by Rails. This is necessary because Firefox has [a longstanding bug](https://bugzilla.mozilla.org/show_bug.cgi?id=520561) where it may populate hidden inputs **without** `autocomplete="off"` with completely random values. Since Rails uses hidden fields extensively for CSRF protection and non-standard HTTP methods, this issue is also tracked in the main Rails tracker here: [add autocomplete="OFF" to firefox-proof automagically added hidden fields like method](https://github.com/rails/rails/issues/42610)
|
|
3
3
|
|
|
4
|
+
You can read the announcement blog post here: <https://blog.podqueue.fm/2021/09/19/giving_back_to_rails_with_rails-hidden_autocomplete/>
|
|
5
|
+
|
|
6
|
+
This work has also been refactored into a Rails PR: <https://github.com/rails/rails/pull/43280>
|
|
7
|
+
|
|
4
8
|
## Usage
|
|
5
9
|
Using this plugin from a Rails 6.1 application should automatically override Rails methods which generate hidden form inputs to add an `autocomplete="off"` attribute.
|
|
6
10
|
|
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
ActiveSupport.on_load(:action_view) do
|
|
2
2
|
ActionView::Helpers::DateTimeSelector.prepend Rails::HiddenAutocomplete::ActionView::Helpers::DateTimeSelector
|
|
3
3
|
ActionView::Helpers::FormTagHelper.prepend Rails::HiddenAutocomplete::ActionView::Helpers::FormTagHelper
|
|
4
|
+
ActionView::Helpers::Tags::Base.prepend Rails::HiddenAutocomplete::ActionView::Helpers::Tags::Base
|
|
5
|
+
ActionView::Helpers::Tags::CheckBox.prepend Rails::HiddenAutocomplete::ActionView::Helpers::Tags::CheckBox
|
|
4
6
|
ActionView::Helpers::Tags::HiddenField.prepend Rails::HiddenAutocomplete::ActionView::Helpers::Tags::HiddenField
|
|
5
7
|
ActionView::Helpers::UrlHelper.prepend Rails::HiddenAutocomplete::ActionView::Helpers::UrlHelper
|
|
6
8
|
end
|
|
@@ -6,6 +6,10 @@ module Rails
|
|
|
6
6
|
def hidden_field_tag(name, value = nil, options = {})
|
|
7
7
|
super(name, value, options.merge(autocomplete: 'off'))
|
|
8
8
|
end
|
|
9
|
+
|
|
10
|
+
def utf8_enforcer_tag
|
|
11
|
+
'<input name="utf8" type="hidden" value="✓" autocomplete="off" />'.html_safe
|
|
12
|
+
end
|
|
9
13
|
end
|
|
10
14
|
end
|
|
11
15
|
end
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
module Rails
|
|
2
|
+
module HiddenAutocomplete
|
|
3
|
+
module ActionView
|
|
4
|
+
module Helpers
|
|
5
|
+
module Tags
|
|
6
|
+
module Base
|
|
7
|
+
def select_content_tag(option_tags, options, html_options)
|
|
8
|
+
html_options = html_options.stringify_keys
|
|
9
|
+
add_default_name_and_id(html_options)
|
|
10
|
+
|
|
11
|
+
if placeholder_required?(html_options)
|
|
12
|
+
raise ArgumentError, "include_blank cannot be false for a required field." if options[:include_blank] == false
|
|
13
|
+
options[:include_blank] ||= true unless options[:prompt]
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
value = options.fetch(:selected) { value() }
|
|
17
|
+
select = content_tag("select", add_options(option_tags, options, value), html_options)
|
|
18
|
+
|
|
19
|
+
if html_options["multiple"] && options.fetch(:include_hidden, true)
|
|
20
|
+
tag("input", disabled: html_options["disabled"], name: html_options["name"], type: "hidden", value: "", autocomplete: "off") + select
|
|
21
|
+
else
|
|
22
|
+
select
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
end
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
module Rails
|
|
2
|
+
module HiddenAutocomplete
|
|
3
|
+
module ActionView
|
|
4
|
+
module Helpers
|
|
5
|
+
module Tags
|
|
6
|
+
module CheckBox
|
|
7
|
+
private
|
|
8
|
+
def hidden_field_for_checkbox(options)
|
|
9
|
+
@unchecked_value ? tag("input", options.slice("name", "disabled", "form").merge!("type" => "hidden", "value" => @unchecked_value, "autocomplete" => "off")) : "".html_safe
|
|
10
|
+
end
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
@@ -2,6 +2,8 @@ require "rails/hidden_autocomplete/engine"
|
|
|
2
2
|
require "rails/hidden_autocomplete/action_view/helpers/date_time_selector"
|
|
3
3
|
require "rails/hidden_autocomplete/action_view/helpers/form_tag_helper"
|
|
4
4
|
require "rails/hidden_autocomplete/action_view/helpers/url_helper"
|
|
5
|
+
require "rails/hidden_autocomplete/action_view/helpers/tags/base"
|
|
6
|
+
require "rails/hidden_autocomplete/action_view/helpers/tags/check_box"
|
|
5
7
|
require "rails/hidden_autocomplete/action_view/helpers/tags/hidden_field"
|
|
6
8
|
|
|
7
9
|
module Rails
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rails-hidden_autocomplete
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ryan Baumann
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-09-
|
|
11
|
+
date: 2021-09-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -71,6 +71,8 @@ files:
|
|
|
71
71
|
- lib/rails/hidden_autocomplete.rb
|
|
72
72
|
- lib/rails/hidden_autocomplete/action_view/helpers/date_time_selector.rb
|
|
73
73
|
- lib/rails/hidden_autocomplete/action_view/helpers/form_tag_helper.rb
|
|
74
|
+
- lib/rails/hidden_autocomplete/action_view/helpers/tags/base.rb
|
|
75
|
+
- lib/rails/hidden_autocomplete/action_view/helpers/tags/check_box.rb
|
|
74
76
|
- lib/rails/hidden_autocomplete/action_view/helpers/tags/hidden_field.rb
|
|
75
77
|
- lib/rails/hidden_autocomplete/action_view/helpers/url_helper.rb
|
|
76
78
|
- lib/rails/hidden_autocomplete/engine.rb
|