diff options
author | Joost Baaij <joost@spacebabies.nl> | 2014-04-14 00:38:46 +0200 |
---|---|---|
committer | Joost Baaij <joost@spacebabies.nl> | 2014-04-14 19:45:12 +0200 |
commit | 89ff1f82f01bd70e12ec1b45049be30ac262df30 (patch) | |
tree | 3008e03d3170c996e0524cc72188141aafd92d79 /actionview/lib | |
parent | 4baa866e35a2c08aa236ac83c061e3343e951a49 (diff) | |
download | rails-89ff1f82f01bd70e12ec1b45049be30ac262df30.tar.gz rails-89ff1f82f01bd70e12ec1b45049be30ac262df30.tar.bz2 rails-89ff1f82f01bd70e12ec1b45049be30ac262df30.zip |
Remove wrapping div with inline styles for hidden form fields.
We are dropping HTML 4.01 and XHTML strict compliance since input
tags directly inside a form are valid HTML5, and the absense of
inline styles help in validating for Content Security Policy.
Diffstat (limited to 'actionview/lib')
-rw-r--r-- | actionview/lib/action_view/helpers/form_tag_helper.rb | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/actionview/lib/action_view/helpers/form_tag_helper.rb b/actionview/lib/action_view/helpers/form_tag_helper.rb index 0bbe08166b..1cab15708c 100644 --- a/actionview/lib/action_view/helpers/form_tag_helper.rb +++ b/actionview/lib/action_view/helpers/form_tag_helper.rb @@ -726,9 +726,11 @@ module ActionView method_tag(method) + token_tag(authenticity_token) end - enforce_utf8 = html_options.delete("enforce_utf8") { true } - tags = (enforce_utf8 ? utf8_enforcer_tag : ''.html_safe) << method_tag - content_tag(:div, tags, :style => 'display:none') + if html_options.delete("enforce_utf8") { true } + utf8_enforcer_tag + method_tag + else + method_tag + end end def form_tag_html(html_options) |