updating link_to and button_to to support :remote => true and other options such as :confirm in a unobtrusive manor

Signed-off-by: Joshua Peek <josh@joshpeek.com>

1 files changed, 46 insertions, 31 deletions

diff --git a/actionpack/lib/action_view/helpers/url_helper.rb b/actionpack/lib/action_view/helpers/url_helper.rb
index d6bfc6d4c9..9e52275537 100644
--- a/actionpack/lib/action_view/helpers/url_helper.rb
+++ b/actionpack/lib/action_view/helpers/url_helper.rb
@@ -218,11 +218,11 @@ module ActionView
           html_options = args[2]
 
           url = url_for(options)
+          html_options = convert_options_to_data_attributes(options, html_options)
 
           if html_options
             html_options = html_options.stringify_keys
             href = html_options['href']
-            convert_options_to_javascript!(html_options, url)
             tag_options = tag_options(html_options)
           else
             tag_options = nil
@@ -291,14 +291,10 @@ module ActionView
           request_token_tag = tag(:input, :type => "hidden", :name => request_forgery_protection_token.to_s, :value => form_authenticity_token)
         end
 
-        if confirm = html_options.delete("confirm")
-          html_options["onclick"] = "return #{confirm_javascript_function(confirm)};"
-        end
-
         url = options.is_a?(String) ? options : self.url_for(options)
         name ||= url
 
-        convert_options_to_javascript!(html_options, url)
+        html_options = convert_options_to_data_attributes(options, html_options)
 
         html_options.merge!("type" => "submit", "value" => name)
 
@@ -551,46 +547,65 @@ module ActionView
       end
 
       private
-        def convert_options_to_javascript!(html_options, url = '')
+        def convert_options_to_data_attributes(options, html_options)
+          html_options = {} if html_options.nil?
+          html_options = html_options.stringify_keys
+
+          if (options.is_a?(Hash) && options.key?('remote')) || (html_options.is_a?(Hash) && html_options.key?('remote'))
+            html_options['data-remote'] = 'true'
+            options.delete('remote') if options.is_a?(Hash)
+            html_options.delete('remote') if html_options.is_a?(Hash)
+          end
+
           confirm = html_options.delete("confirm")
-          method, href = html_options.delete("method"), html_options['href']
 
           if html_options.key?("popup")
             ActiveSupport::Deprecation.warn(":popup has been deprecated", caller)
           end
 
-          html_options["onclick"] = case
-            when confirm && method
-              "if (#{confirm_javascript_function(confirm)}) { #{method_javascript_function(method, url, href)} };return false;"
-            when confirm
-              "return #{confirm_javascript_function(confirm)};"
-            when method
-              "#{method_javascript_function(method, url, href)}return false;"
-            else
-              html_options["onclick"]
+          method, href = html_options.delete("method"), html_options['href']
+
+          if confirm && method
+            add_confirm_to_attributes!(html_options, confirm)
+            add_method_to_attributes!(html_options, method)
+          elsif confirm
+            add_confirm_to_attributes!(html_options, confirm)
+          elsif method
+            add_method_to_attributes!(html_options, method)
           end
+
+          html_options["data-url"] = options[:url] if options.is_a?(Hash) && options[:url]
+
+          html_options
         end
 
-        def confirm_javascript_function(confirm)
-          "confirm('#{escape_javascript(confirm)}')"
+        def add_confirm_to_attributes!(html_options, confirm)
+          html_options["data-confirm"] = confirm if confirm
         end
 
-        def method_javascript_function(method, url = '', href = nil)
-          action = (href && url.size > 0) ? "'#{url}'" : 'this.href'
-          submit_function =
-            "var f = document.createElement('form'); f.style.display = 'none'; " +
-            "this.parentNode.appendChild(f); f.method = 'POST'; f.action = #{action};"
+        def add_method_to_attributes!(html_options, method)
+          html_options["rel"] = "nofollow" if method && method.to_s.downcase == "delete"
+          html_options["data-method"] = method if method
+        end
 
-          unless method == :post
-            submit_function << "var m = document.createElement('input'); m.setAttribute('type', 'hidden'); "
-            submit_function << "m.setAttribute('name', '_method'); m.setAttribute('value', '#{method}'); f.appendChild(m);"
+        def add_disable_with_to_attributes!(html_options, disable_with)
+          html_options["data-disable-with"] = disable_with if disable_with
+        end
+
+        def options_for_javascript(options)
+          if options.empty?
+            '{}'
+          else
+            "{#{options.keys.map { |k| "#{k}:#{options[k]}" }.sort.join(', ')}}"
           end
+        end
 
-          if protect_against_forgery?
-            submit_function << "var s = document.createElement('input'); s.setAttribute('type', 'hidden'); "
-            submit_function << "s.setAttribute('name', '#{request_forgery_protection_token}'); s.setAttribute('value', '#{escape_javascript form_authenticity_token}'); f.appendChild(s);"
+        def array_or_string_for_javascript(option)
+          if option.kind_of?(Array)
+            "['#{option.join('\',\'')}']"
+          elsif !option.nil?
+            "'#{option}'"
           end
-          submit_function << "f.submit();"
         end
 
         # Processes the +html_options+ hash, converting the boolean