diff options
| author | Vladimir Dobriakov <vladimir@geekq.net> | 2008-11-04 13:46:36 +0100 |
|---|---|---|
| committer | David Heinemeier Hansson <david@loudthinking.com> | 2008-11-04 18:24:52 +0100 |
| commit | 5fad229e43e2b2541ed39c6ef571975176e6a8d2 (patch) | |
| tree | 823af789d18ef67d0290fab2531ddf70c7ffe79e /actionpack/lib/action_view | |
| parent | b2cd318c2e3f4d19813a5c62903319a6683aa561 (diff) | |
| download | rails-5fad229e43e2b2541ed39c6ef571975176e6a8d2.tar.gz rails-5fad229e43e2b2541ed39c6ef571975176e6a8d2.tar.bz2 rails-5fad229e43e2b2541ed39c6ef571975176e6a8d2.zip | |
Fixed that FormTagHelper generates illegal html if name contains e.g. square brackets [#1238 state:committed]
Signed-off-by: David Heinemeier Hansson <david@loudthinking.com>
Diffstat (limited to 'actionpack/lib/action_view')
| -rw-r--r-- | actionpack/lib/action_view/helpers/form_tag_helper.rb | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/actionpack/lib/action_view/helpers/form_tag_helper.rb b/actionpack/lib/action_view/helpers/form_tag_helper.rb index 7492348c50..4646bc118b 100644 --- a/actionpack/lib/action_view/helpers/form_tag_helper.rb +++ b/actionpack/lib/action_view/helpers/form_tag_helper.rb @@ -78,7 +78,7 @@ module ActionView # # <option>Paris</option><option>Rome</option></select> def select_tag(name, option_tags = nil, options = {}) html_name = (options[:multiple] == true && !name.to_s.ends_with?("[]")) ? "#{name}[]" : name - content_tag :select, option_tags, { "name" => html_name, "id" => name }.update(options.stringify_keys) + content_tag :select, option_tags, { "name" => html_name, "id" => sanitize_to_id(name) }.update(options.stringify_keys) end # Creates a standard text field; use these text fields to input smaller chunks of text like a username @@ -112,7 +112,7 @@ module ActionView # text_field_tag 'ip', '0.0.0.0', :maxlength => 15, :size => 20, :class => "ip-input" # # => <input class="ip-input" id="ip" maxlength="15" name="ip" size="20" type="text" value="0.0.0.0" /> def text_field_tag(name, value = nil, options = {}) - tag :input, { "type" => "text", "name" => name, "id" => name, "value" => value }.update(options.stringify_keys) + tag :input, { "type" => "text", "name" => name, "id" => sanitize_to_id(name), "value" => value }.update(options.stringify_keys) end # Creates a label field @@ -130,7 +130,7 @@ module ActionView # label_tag 'name', nil, :class => 'small_label' # # => <label for="name" class="small_label">Name</label> def label_tag(name, text = nil, options = {}) - content_tag :label, text || name.to_s.humanize, { "for" => name }.update(options.stringify_keys) + content_tag :label, text || name.to_s.humanize, { "for" => sanitize_to_id(name) }.update(options.stringify_keys) end # Creates a hidden form input field used to transmit data that would be lost due to HTTP's statelessness or @@ -282,7 +282,7 @@ module ActionView # check_box_tag 'eula', 'accepted', false, :disabled => true # # => <input disabled="disabled" id="eula" name="eula" type="checkbox" value="accepted" /> def check_box_tag(name, value = "1", checked = false, options = {}) - html_options = { "type" => "checkbox", "name" => name, "id" => name, "value" => value }.update(options.stringify_keys) + html_options = { "type" => "checkbox", "name" => name, "id" => sanitize_to_id(name), "value" => value }.update(options.stringify_keys) html_options["checked"] = "checked" if checked tag :input, html_options end @@ -470,6 +470,12 @@ module ActionView tag(:input, :type => "hidden", :name => request_forgery_protection_token.to_s, :value => form_authenticity_token) end end + + # see http://www.w3.org/TR/html4/types.html#type-name + def sanitize_to_id(name) + name.to_s.gsub(']','').gsub(/[^-a-zA-Z0-9:.]/, "_") + end + end end end |