Ticket #10422: action_view_hidden_fields_tag_proc.diff
| File action_view_hidden_fields_tag_proc.diff, 4.3 kB (added by toolmantim, 7 months ago) |
|---|
-
actionpack/test/controller/request_forgery_protection_test.rb
old new 70 70 assert_select 'form>div>input[name=?][value=?]', 'authenticity_token', @token 71 71 end 72 72 73 def test_should_render_form_with_token_tag_inside_hidden_fields_tag_proc 74 default_proc = ActionView::Base.hidden_fields_tag_proc 75 ActionView::Base.hidden_fields_tag_proc = Proc.new {|fields| "<proctag>#{fields}</proctag>"} 76 get :index 77 assert_select 'form>proctag>input[name=?][value=?]', 'authenticity_token', @token 78 ensure 79 ActionView::Base.hidden_fields_tag_proc = default_proc 80 end 81 73 82 def test_should_render_button_to_with_token_tag 74 83 get :show_button 75 84 assert_select 'form>div>input[name=?][value=?]', 'authenticity_token', @token 76 85 end 77 86 78 87 def test_should_allow_get 79 88 get :index 80 89 assert_response :success -
actionpack/test/template/form_tag_helper_test.rb
old new 45 45 expected = %(<form action="http://www.example.com" method="post"><div style='margin:0;padding:0'><input type="hidden" name="_method" value="delete" /></div>) 46 46 assert_dom_equal expected, actual 47 47 end 48 49 def test_form_tag_with_method_put_with_custom_hidden_fields_tag_proc 50 default_proc = ActionView::Base.hidden_fields_tag_proc 51 ActionView::Base.hidden_fields_tag_proc = Proc.new {|fields| "<proctag>#{fields}</proctag>"} 52 actual = form_tag({}, { :method => :put }) 53 expected = %(<form action="http://www.example.com" method="post"><proctag><input type="hidden" name="_method" value="put" /></proctag>) 54 assert_dom_equal expected, actual 55 ensure 56 ActionView::Base.hidden_fields_tag_proc = default_proc 57 end 48 58 59 def test_form_tag_with_method_delete_with_custom_hidden_fields_tag_proc 60 default_proc = ActionView::Base.hidden_fields_tag_proc 61 ActionView::Base.hidden_fields_tag_proc = Proc.new {|fields| "<proctag>#{fields}</proctag>"} 62 actual = form_tag({}, { :method => :delete }) 63 expected = %(<form action="http://www.example.com" method="post"><proctag><input type="hidden" name="_method" value="delete" /></proctag>) 64 assert_dom_equal expected, actual 65 ensure 66 ActionView::Base.hidden_fields_tag_proc = default_proc 67 end 68 49 69 def test_form_tag_with_block 50 70 _erbout = '' 51 71 form_tag("http://example.com") { _erbout.concat "Hello world!" } -
actionpack/lib/action_view/helpers/form_tag_helper.rb
old new 2 2 require 'action_view/helpers/tag_helper' 3 3 4 4 module ActionView 5 class Base 6 # Specify the proc used to surround hidden form fields with a block level element. 7 # 8 # Defaults to: 9 # Proc.new{|fields| "<div style=\"margin:0;padding:0\">#{fields}</div>"} 10 @@hidden_fields_tag_proc = Proc.new{|fields| "<div style=\"margin:0;padding:0\">#{fields}</div>"} 11 cattr_accessor :hidden_fields_tag_proc 12 end 5 13 module Helpers 6 14 # Provides a number of methods for creating form tags that doesn't rely on an ActiveRecord object assigned to the template like 7 15 # FormHelper does. Instead, you provide the names and values manually. … … 401 409 '' 402 410 when /^post$/i, "", nil 403 411 html_options["method"] = "post" 404 protect_against_forgery? ? content_tag(:div, token_tag, :style => 'margin:0;padding:0') : ''412 protect_against_forgery? ? Base.hidden_fields_tag_proc.call(token_tag) : '' 405 413 else 406 414 html_options["method"] = "post" 407 content_tag(:div, tag(:input, :type => "hidden", :name => "_method", :value => method) + token_tag, :style => 'margin:0;padding:0')415 Base.hidden_fields_tag_proc.call(tag(:input, :type => "hidden", :name => "_method", :value => method) + token_tag) 408 416 end 409 417 end 410 418
