CHANGELOG.md

Changelog

v2.14.0 (2020-01-28)

• Enhancements
  • Remove enforce_utf8 workaround on forms as it is no longer required by browser
  • Remove support tuple-based date/time with microseconds calendar types
  • Allow strings as first element in content_tag
  • Add :srcset support to img_tag
  • Allow inputs_for to skip hidden fields

v2.13.4 (2020-01-28)

• Bug fixes
  • Fix invalid :line in Elixir v1.10.0

v2.13.3 (2019-05-31)

• Enhancements

  • Add atom support to FormData

• Bug fixes

  • Keep proper line numbers on .eex templates for proper coverage

v2.13.2 (2019-03-29)

• Bug fixes
  • Stop event propagation when confirm dialog is canceled

v2.13.1 (2019-01-05)

• Enhancements

  • Allow safe content to be given to label
  • Also escale template literals in javascript_escape/1

• Bug fixes

  • Fix deprecation warnings to point to the correct alternative

v2.13.0 (2018-12-09)

• Enhancements

  • Require Elixir v1.5+ for more efficient template compilation/rendering
  • Add Phoenix.HTML.Engine.encode_to_iodata!/1
  • Add Phoenix.HTML.Form.form_for/3 that works without an anonymous function

• Deprecations

  • Deprecate Phoenix.HTML.escape_javascript/1 in favor of Phoenix.HTML.javascript_escape/1 for consistency

v2.12.0 (2018-08-06)

• Enhancements

  • Configurable and extendable data-confirm behaviour
  • Allow data-confirm with submit buttons
  • Support ISO 8601 formatted strings for date and time values

• Bug fixes

  • Provide a default id of the field name for @conn based forms

v2.11.2 (2018-04-13)

• Enhancements

  • Support custom precision on time input

• Bug fixes

  • Do not raise when : is part of a path on link/button attributes

v2.11.1 (2018-03-20)

• Enhancements

  • Add label/1
  • Copy the target attribute of the link in the generated JS form

• Bug fixes

  • Support any value that is html escapable in radio_button

v2.11.0 (2018-03-09)

• Enhancements

  • Add date, datetime-local and time input types
  • Enable string keys to be usable with forms
  • Support carriage return in text_to_html
  • Add support for HTML5 boolean attributes to content_tag and tag
  • Improve performance by relying on html_safe_to_iodata/1
  • Protect against CSRF tokens leaking across hosts when the POST URL is dynamic
  • Require to attribute in links and buttons to explicitly pass protocols as a separate option for safety reasons

• Bug fixes

  • Guarantee input_name/2 always returns strings
  • Improve handling of uncommon whitespace and null in escape_javascript
  • Escape value attribute so it is never treated as a boolean

• Backwards incompatible changes

  • The :csrf_token_generator configuration in the Phoenix.HTML app no longer works due to the improved security mechanisms

v2.10.5 (2017-11-08)

• Enhancements
  • Do not require the :as option in form_for

v2.10.4 (2017-08-15)

• Bug fixes
  • Fix formatting of days in datetime_builder

v2.10.3 (2017-07-30)

• Enhancements

  • Allow specifying a custom CSRF token generator

• Bug fixes

  • Do not submit method: :get in buttons as "post"

v2.10.2 (2017-07-24)

• Bug fixes
  • Traverse DOM elements up when handling data-method

v2.10.1 (2017-07-22)

• Bug fixes
  • Only generate CSRF token if necessary

v2.10.0 (2017-07-21)

• Enhancements

  • Support custom attributes in options in select

• Bug fixes

  • Accept non-binary values in textarea's content
  • Allow nested forms on the javascript side. This means link and button no longer generate a child form such as the :form option has no effect and "data-submit=parent" is no longer supported. Instead "data-to" and "data-method" are set on the entities and the form is generated on the javascript side of things

v2.9.3 (2016-12-24)

• Bug fixes
  • Once again support any name for atom forms

v2.9.2 (2016-12-24)

• Bug fixes
  • Always read from form.params and then from :selected in select and multiple_select before falling back to input_value/2

v2.9.1 (2016-12-20)

• Bug fixes
  • Implement proper input_value/3 callback

v2.9.0 (2016-12-19)

• Enhancements
  • Add img_tag/2 helper to Phoenix.HTML.Tag
  • Submit nearest form even if not direct descendent
  • Use more iodata for tag/2 and content_tag/3
  • Add input_value/3, input_id/2 and input_name/2 as a unified API around the input (alongside input_type/3 and input_validations/2)

v2.8.0 (2016-11-15)

• Enhancements
  • Add csrf_meta_tag/0 helper to Phoenix.HTML.Tag
  • Allow passing a do: option to Phoenix.HTML.Link.button/2

v2.7.0 (2016-09-21)

• Enhancements
  • Render button tags for form submits and in the button/2 function
  • Allow submit/2 and button/2 to receive do blocks
  • Support the :multiple option in file_input/3
  • Remove previously deprecated and unused model field

v2.6.1 (2016-07-08)

• Enhancements

  • Remove warnings on v1.4

• Bug fixes

  • Ensure some contents are properly escaped as an integer
  • Ensure JavaScript data-submit events bubble up until it finds the proper parent

v2.6.0 (2016-06-16)

• Enhancements

  • Raise helpful error when using invalid iodata
  • Inline date/time API with Elixir v1.3 Calendar types
  • Add :insert_brs option to text_to_html/2
  • Run on Erlang 19 without warnings

• Client-side changes

  • Use event delegation in phoenix_html.js
  • Drop IE8 support on phoenix_html.js

• Backwards incompatible changes

  • :min, :sec option in Phoenix.HTML.Form (datetime_select/3 and time_select/3) are no longer supported. Use :minute or :second instead.

v2.5.1 (2016-03-12)

• Bug fixes
  • Ensure multipart files work with inputs_for

v2.5.0 (2016-01-28)

• Enhancements
  • Introduce form.data field instead of form.model. Currently those values are kept in sync then the form is built but form.model will be deprecated in the long term

v2.4.0 (2016-01-21)

• Enhancements

  • Add rel=nofollow auto generation for non-get links
  • Introduce :selected option for select and multiple_select

• Bug fixes

  • Fix safe engine incorrectly marking safe code as unsafe when last expression is <% ... %>

v2.3.0 (2015-12-16)

• Enhancements
  • Add escape_javascript/1
  • Add helpful error message when using unknown @inner assign
  • Add Phoenix.HTML.Format.text_to_html/2

v2.2.0 (2015-09-01)

• Bug fix
  • Allow the :name to be given in forms. For this, using :name to configure the underlying input name prefix has been deprecated in favor of :as

v2.1.2 (2015-08-22)

• Bug fix
  • Do not include values in password_input/3

v2.1.1 (2015-08-15)

• Enhancements
  • Allow nil in raw/1
  • Allow block options in label/3
  • Introduce :skip_deleted in inputs_for/4

v2.1.0 (2015-08-06)

• Enhancements
  • Add an index field to forms to be used by inputs_for/4 collections

v2.0.1 (2015-07-31)

• Bug fix
  • Include web directory in Hex package

v2.0.0 (2015-07-30)

• Enhancements

  • No longer generate onclick attributes.

    The main motivation for this is to provide support for Content Security Policy, which recommends disabling all inline scripts in a page.

    We took the opportunity to also add support for data-confirm in link/2.

v1.4.0 (2015-07-26)

• Enhancements
  • Support input_type/2 and input_validations/2 as reflection mechanisms

v1.3.0 (2015-07-23)

• Enhancements
  • Add Phoenix.HTML.Form.inputs_for/4 support
  • Add multiple select support
  • Add reset input
  • Infer default text context for labels

v1.2.1 (2015-06-02)

• Bug fix
  • Ensure nil parameters are not discarded when rendering input

v1.2.0 (2015-05-30)

• Enhancements
  • Add label/3 for generating a label tag within a form

v1.1.0 (2015-05-20)

• Enhancements
  • Allow do/end syntax with link/2
  • Raise on missing assigns

v1.0.1

• Bug fixes
  • Avoid variable clash in Phoenix.HTML engine buffers

v1.0.0

• Enhancements
  • Provides an EEx engine with HTML safe rendering
  • Provides a Phoenix.HTML.Safe protocol
  • Provides a Phoenix.HTML.FormData protocol
  • Provides functions for generating tags, links and form builders in a safe way