yesod PUT and DELETE using hidden _method parameter - httprequest

Is there an easy way to have yesod read a POST request as a PUT or DELETE when it has a special parameter: _method=DELETE? And render forms with it?

Yesod uses the methodOverride middleware by default which allows this. When I use this approach, I just put it into the action attribute of the form, e.g.:
<form method=post action=#{SomeRouteR}?_method=DELETE>

Related

Set formcollection parameter in url

I have an asp.net mvc 4 application. There is an action method, HttpPost which takes in a formcollection. I want to provide a direct link to this action and manually set a parameter on the formcollection. Is this possible?
e.g. myurl?formCollection[Parameter]=staticValue
You can't provide a direct link:
Direct link
because links use GET's (not POST's). Though you can get the behavior that you want using some javascript or changing the action to HttpGet.
Regards.

Access form post Data without request.Form

I know this is very weird but I get following error on my page and I know I can't have Request.form with ENCTYPE="multipart/form-data" Cannot call BinaryRead after using Request.Form collection.
My Actual Uploader page I use Forms collection to access form data like Uploader.Form("txtTitle").
But on this uploder page I have included couple of ASP pages which are standard thruout app for other security checks and etc and those pages use Request.form.
What's other alternative to access form post data without Request.form on those security pages? Since those are common pages use by all other pages which don't have ENCTYPE="multipart/form-data" on their forms.
Thanks in advance!
Put the includes' code which uses Request.Form inside a function, than pass values as parameters to the function instead of using Request.Form
So in your page it will look something like this:
<!--#INCLUDE FILE="myinclude.asp"-->
MyIncludeFunction Uploader.Form("MyIncludeFunctionParameter")
And in all other pages:
<!--#INCLUDE FILE="myinclude.asp"-->
MyIncludeFunction Request.Form("MyIncludeFunctionParameter")

Disable action method from being called from the address bar

I have a method in my controller that I don't want to be called from the address bar in the browser...
Is there a way to do that? Maybe some kind of annotation, modification in the route configuration? Which are my options?
If you are going to use this action only from within your controller or Views then you can use ChildActionOnly attribute.
If you want to access it using POST then you can use [HttpPost] attribute.
But if you wish to use it using GET (i.e. using AJAX call etc) and don't want users to access it using address bar then you can follow this tutorial to make your actions AJAX only.
Or, if you simply want a method that is not an Action at all (i.e. cannot be called using HTTP) then you can either make it private or use [NonAction] attribute
Use NonAction attribute on the method.

Use JS to change <form> from remote to non-remote in Rails 3, HAML

The problem is that i have a remote form that, based on condition, id like to convert to a non-remote form (using UJS), and then submit.
note the form has a file upload.
Here's the details: I have initially rendered the remote form using
= form_for #myobj, :url => {:action=>"remoteAction", :controller=>"myobjects"}, :remote => true do |f|
... (f.fields....)
which produces the HTML:
<form id="new_myobj" class="new_myobj" method="post" accept-charset="UTF-8" data-remote="true" action="/remoteAction">
when i click submit, as expected, the form is submitted 'AS JS'.
in the controller action, i am doing some validation of the fields inside the submitted form.
If all the validations pass, i execute the following .js.haml template:
$('form#new_myobj').removeAttr("data-remote");
$('form#new_myobj').attr('enctype', 'multipart/form-data');
$('form#new_myobj').attr('action', '/myobjects/regularAction');
which successfully changes the HTML on the page (witnessed via Firebug) to:
<form id="new_myobj" class="new_myobj" method="post" accept-charset="UTF-8" enctype="multipart/form-data" action="/myobjects/regularAction">
since the form contains an f.file_field, i have to submit as multipart so the image can be uploaded, and i cannot submit 'AS JS'
now, when i click submit, the controller action 'regularAction' is indeed called, but its still 'AS JS'
the question is, what else do i need to change in the HTML so the form can be submitted non-xhr? is it related to the headers?
jQuery is a bit tricky with the data attributes since it both
reads the HTML5 data tags as well as its own storage bound to the
DOM element, that is also called data. When writing to an attribute
that value gets copied into jQuerys own data storage (presumably
when data("remote") is being called).
However, this only happens
if jQuery’s data is empty for that name. Thus setting the attribute will only work once, after that the "cached" value is being used
even if the attribute changes. In order to really get rid of the
value, we need to remove the attribute and jQuerys own storage
method in that order. The reason is that there’s a high-level
(element.removeData(…)) function and a low level one (jQuery.
removeData(element, …)). The former re-reads the HTML5 data
attribute and stores it in jQuery’s own storage. Using the rather
unusual low level function obviously works as well.
Also, we do really need to remove the attribute -- setting it to
false is not enough since Rails only checks if form.data('remote')
is not undefined (look for it in jquery_ujs.js).
TL;DR:
attr("data-remote") != data("remote")
These two lines make a form non-remote (again). Order matters.
$("form").removeAttr("data-remote");
$("form").removeData("remote");
It’s documented, if you actually know what you’re looking for:
http://api.jquery.com/jQuery.data/ (low level function)
http://blog.madebydna.com/all/code/2011/12/05/ajax-in-rails-3.html
StackOverflow doesn’t allow me to post more than two links, but you can guess the removeData one. The high-level functions are linked from the low level ones.
Avoiding the token authenticity error in Rails 4+:
As Stan commented below, just doing the above will fail with an InvalidAuthenticityToken error. The workaround is easy though, see here for details: https://stackoverflow.com/a/19858504/1684530
The problem is that your approach to disable the Ajax submission isn't quite correct. You need to unbind the JavaScript events that have already been added by rails.js (Rails UJS adapter) to the form.
You can do that by:
$('form#new_myobj').unbind() to unbind all events attached to the form. You also need to $('form#new_myobj').removeAttr('data-remote') and $('form#new_myobj').removeAttr('data-type') to remove data-remote and data-type attributes (if existent).

How to POST cross-domain form data using DOJO

I want to send form data using POST method to a remote URL using DOJO.
dojo.xhrPost works for local domain & dojo.io.script.get is only for GET method.
Can anyone suggest me a method to do this?
Shiji
I believe you can use dojo.io.iframe to accomplish this:
dojo.io.iframe.send({
url: 'www.myawesome.server',
form: form,
content: content
});
But apparently you need to set the method on the form to POST:
dojo.attr(form, 'method', 'post');
(Or do it directly on the form: <form method="post" ...>)
I haven't tried this, but here is an article describing exactly what (I believe) you are trying to do:
http://www.mikejuniper.com/2009/03/fun-with-dojoioiframesend/