rails
rails copied to clipboard
Forms: Deprecate `local:` and `remote:` options
Motivation / Background
There are two two parts to interpreting the form_for
helper's remote:
option, and the form_with
helper's local:
option:
-
The
[data-remote]
attribute:When
remote: true
orlocal: false
, Action View generates<form>
elements with[data-remote="true"]
. When passedremote: false
orlocal: true
, the[data-remote]
attribute is omitted.Omitting the options is equivalent to
remote: true
andlocal: false
. -
CSRF tokens
When
remote: true
orlocal: false
, Action view generates<form>
elements without any CSRF tokens encoded as<input type="hidden">
elements.When
remote: false
orlocal: true
, Action view generates<form>
elements with an embedded CSRF token either generated on the fly, or forwarded along from the form helper method'sauthenticity_token:
option.When omitted, their default values are handled by two similar configuration values:
-
config.action_view.embed_authenticity_token_in_remote_forms
forform_for
and itsremote:
option -
config.action_view.form_with_generates_remote_forms
forform_with
and itslocal:
option
-
Detail
This commit renders deprecation warnings when local:
or remote:
options are passed to form_with
and form_for
, respectively. Also
deprecate config.action_view.embed_authenticity_token_in_remote_forms
and config.action_view.form_with_generates_remote_forms
configurations.
Checklist
Before submitting the PR make sure the following are checked:
- [x] This Pull Request is related to one change. Changes that are unrelated should be opened in separate PRs.
- [x] Commit message has a detailed description of what changed and why. If this PR fixes a related issue include it in the commit message. Ex:
[Fix #issue-number]
- [x] Tests are added or updated if you fix a bug or add a feature.
- [x] CHANGELOG files are updated for the changed libraries if there is a behavior change or additional feature. Minor bug fixes and documentation changes should not be included.