Permalink
Browse files

Remove wrapping div with inline styles for hidden form fields.

We are dropping HTML 4.01 and XHTML strict compliance since input
tags directly inside a form are valid HTML5, and the absense of
inline styles help in validating for Content Security Policy.
  • Loading branch information...
1 parent 4baa866 commit 89ff1f82f01bd70e12ec1b45049be30ac262df30 @tilsammans tilsammans committed Apr 13, 2014
View
@@ -1,3 +1,11 @@
+* Remove wrapping div with inline styles for hidden form fields.
+
+ We are dropping HTML 4.01 and XHTML strict compliance since input tags directly
+ inside a form are valid HTML5, and the absense of inline styles help in validating
+ for Content Security Policy.
+
+ *Joost Baaij*
+
* `date_select` helper with option `with_css_classes: true` does not overwrite other classes.
*Izumi Wong-Horiuchi*
@@ -726,9 +726,11 @@ def extra_tags_for_form(html_options)
method_tag(method) + token_tag(authenticity_token)
end
- enforce_utf8 = html_options.delete("enforce_utf8") { true }
- tags = (enforce_utf8 ? utf8_enforcer_tag : ''.html_safe) << method_tag
- content_tag(:div, tags, :style => 'display:none')
+ if html_options.delete("enforce_utf8") { true }
+ utf8_enforcer_tag + method_tag
+ else
+ method_tag
+ end
end
def form_tag_html(html_options)
@@ -59,12 +59,13 @@ def test_nested_fields_for_with_child_index_option_override_on_a_nested_attribut
protected
def hidden_fields(method = nil)
- txt = %{<div style="display:none">}
- txt << %{<input name="utf8" type="hidden" value="&#x2713;" />}
+ txt = %{<input name="utf8" type="hidden" value="&#x2713;" />}
+
if method && !%w(get post).include?(method.to_s)
txt << %{<input name="_method" type="hidden" value="#{method}" />}
end
- txt << %{</div>}
+
+ txt
end
def form_text(action = "/", id = nil, html_class = nil, remote = nil, multipart = nil, method = nil)
@@ -88,4 +89,4 @@ def whole_form(action = "/", id = nil, html_class = nil, options = nil)
form_text(action, id, html_class, remote, multipart, method) + hidden_fields(method) + contents + "</form>"
end
-end
+end
@@ -3020,12 +3020,13 @@ def test_form_for_only_instantiates_builder_once
protected
def hidden_fields(method = nil)
- txt = %{<div style="display:none">}
- txt << %{<input name="utf8" type="hidden" value="&#x2713;" />}
+ txt = %{<input name="utf8" type="hidden" value="&#x2713;" />}
+
if method && !%w(get post).include?(method.to_s)
txt << %{<input name="_method" type="hidden" value="#{method}" />}
end
- txt << %{</div>}
+
+ txt
end
def form_text(action = "/", id = nil, html_class = nil, remote = nil, multipart = nil, method = nil)
@@ -14,12 +14,15 @@ def hidden_fields(options = {})
method = options[:method]
enforce_utf8 = options.fetch(:enforce_utf8, true)
- txt = %{<div style="display:none">}
- txt << %{<input name="utf8" type="hidden" value="&#x2713;" />} if enforce_utf8
- if method && !%w(get post).include?(method.to_s)
- txt << %{<input name="_method" type="hidden" value="#{method}" />}
+ ''.tap do |txt|
+ if enforce_utf8
+ txt << %{<input name="utf8" type="hidden" value="&#x2713;" />}
+ end
+
+ if method && !%w(get post).include?(method.to_s)
+ txt << %{<input name="_method" type="hidden" value="#{method}" />}
+ end
end
- txt << %{</div>}
end
def form_text(action = "http://www.example.com", options = {})

0 comments on commit 89ff1f8

Please sign in to comment.