|
212 | 212 |
|
213 | 213 | // Handles "data-method" on links such as: |
214 | 214 | // <a href="/users/5" data-method="delete" rel="nofollow" data-confirm="Are you sure?">Delete</a> |
215 | | - handleMethod: function(link) { |
216 | | - var href = rails.href(link), |
217 | | - method = link.data('method'), |
218 | | - target = link.attr('target'), |
219 | | - csrfToken = rails.csrfToken(), |
220 | | - csrfParam = rails.csrfParam(), |
221 | | - form = $('<form method="post" action="' + href + '"></form>'), |
222 | | - metadataInput = '<input name="_method" value="' + method + '" type="hidden" />'; |
223 | | - |
224 | | - if (csrfParam !== undefined && csrfToken !== undefined && !rails.isCrossDomain(href)) { |
225 | | - metadataInput += '<input name="' + csrfParam + '" value="' + csrfToken + '" type="hidden" />'; |
226 | | - } |
| 215 | + // Handles "data-method" on links such as: |
| 216 | +// <a href="/users/5" data-method="delete" rel="nofollow" data-confirm="Are you sure?">Delete</a> |
| 217 | +handleMethod: function(link) { |
| 218 | + var href = rails.href(link), |
| 219 | + method = link.data('method'), |
| 220 | + target = link.attr('target'), |
| 221 | + csrfToken = rails.csrfToken(), |
| 222 | + csrfParam = rails.csrfParam(), |
| 223 | + form = $('<form method="post"></form>'), |
| 224 | + metadataInput = '<input name="_method" value="' + method + '" type="hidden" />'; |
| 225 | + |
| 226 | + // Ensure href is a valid URL |
| 227 | + var parser = document.createElement('a'); |
| 228 | + parser.href = href; |
| 229 | + href = parser.href; |
| 230 | + |
| 231 | + if (csrfParam !== undefined && csrfToken !== undefined && !rails.isCrossDomain(href)) { |
| 232 | + metadataInput += '<input name="' + csrfParam + '" value="' + csrfToken + '" type="hidden" />'; |
| 233 | + } |
227 | 234 |
|
228 | | - if (target) { form.attr('target', target); } |
| 235 | + if (target) { form.attr('target', target); } |
| 236 | + |
| 237 | + form.hide().append(metadataInput).appendTo('body').attr('action', href).submit(); |
| 238 | +}, |
229 | 239 |
|
230 | | - form.hide().append(metadataInput).appendTo('body'); |
231 | | - form.submit(); |
232 | | - }, |
233 | 240 |
|
234 | 241 | // Helper function that returns form elements that match the specified CSS selector |
235 | 242 | // If form is actually a "form" element this will return associated elements outside the from that have |
|
0 commit comments