Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unsafe Actions: Replace link_to calls with button_to #2516

Merged
merged 1 commit into from
Feb 15, 2024
Merged

Unsafe Actions: Replace link_to calls with button_to #2516

merged 1 commit into from
Feb 15, 2024

Conversation

seanpdoyle
Copy link
Contributor

The <a> element is suitable for Safe HTTP Methods (like GET) to drive page navigations. Unsafe HTTP Methods (like POST, PUT, and DELETE) are better initiated by <form> submissions.

This commit replaces generated calls to link_to with calls to button_to.

The rest of the styling changes aim to preserve design decisions made about preserving the appearance of elements that were once presented as <a> elements that are now presented as <input type="submit"> elements nested within <form> elements.

While the design changes preserved backwards compatibility, it's worth re-considering the choice to present them as "navigation" links instead of "action" buttons.

@seanpdoyle seanpdoyle force-pushed the replace-unsafe-link-to-with-button-to branch from 8e8899a to 6c6c04b Compare February 13, 2024 23:58
@seanpdoyle seanpdoyle force-pushed the replace-unsafe-link-to-with-button-to branch from 6c6c04b to 71311da Compare February 14, 2024 00:04
@seanpdoyle seanpdoyle force-pushed the replace-unsafe-link-to-with-button-to branch from 71311da to d705c9f Compare February 14, 2024 00:27
@seanpdoyle seanpdoyle force-pushed the replace-unsafe-link-to-with-button-to branch from d705c9f to 4edb7e6 Compare February 14, 2024 00:29
@seanpdoyle seanpdoyle force-pushed the replace-unsafe-link-to-with-button-to branch from 4edb7e6 to c0742f0 Compare February 14, 2024 00:38
@seanpdoyle seanpdoyle force-pushed the replace-unsafe-link-to-with-button-to branch 2 times, most recently from 665b11f to df4c1df Compare February 14, 2024 01:12
Base automatically changed from turbo to main February 14, 2024 14:12
@seanpdoyle seanpdoyle force-pushed the replace-unsafe-link-to-with-button-to branch from df4c1df to da2ed35 Compare February 14, 2024 14:17
@seanpdoyle seanpdoyle marked this pull request as draft February 14, 2024 14:21
@seanpdoyle seanpdoyle force-pushed the replace-unsafe-link-to-with-button-to branch from da2ed35 to 09a9d37 Compare February 14, 2024 14:36
@seanpdoyle seanpdoyle marked this pull request as ready for review February 14, 2024 14:37
@seanpdoyle seanpdoyle force-pushed the replace-unsafe-link-to-with-button-to branch 2 times, most recently from e926279 to 1d7af14 Compare February 14, 2024 20:01
@seanpdoyle
Unsafe Actions: Replace link_to calls with button_to
f700c43 
The `<a>` element is suitable for [Safe HTTP Methods][] (like `GET`) to
drive page navigations. Unsafe HTTP Methods (like `POST`, `PUT`, and
`DELETE`) are better initiated by `<form>` submissions.

This commit replaces generated calls to `link_to` with calls to
`button_to`.

The rest of the styling changes aim to preserve design decisions made
about preserving the appearance of elements that were once presented as
`<a>` elements that are now presented as `<input type="submit">`
elements nested within `<form>` elements.

While the design changes preserved backwards compatibility, it's worth
re-considering the choice to present them as "navigation" links instead
of "action" buttons.

[Safe HTTP Methods]: https://developer.mozilla.org/en-US/docs/Glossary/Safe/HTTP
@seanpdoyle seanpdoyle force-pushed the replace-unsafe-link-to-with-button-to branch from 1d7af14 to f700c43 Compare February 14, 2024 20:52
@nickcharlton
Copy link
Member

Ah, excellent, thanks!

@nickcharlton nickcharlton merged commit 074cb1a into main Feb 15, 2024
10 checks passed
@nickcharlton nickcharlton deleted the replace-unsafe-link-to-with-button-to branch February 15, 2024 11:24
f-moya added a commit to ApprenticeshipStandardsDotOrg/ApprenticeshipStandardsDotOrg that referenced this pull request Nov 15, 2024
@f-moya
Bump administrate from 1.0.0.beta1 to 1.0.0.beta2
f8c4321 
- Updated the administrate gem from version 1.0.0beta1 to 1.0.0beta2 in both Gemfile and Gemfile.lock.

- Refactored the synonym show page test to check for a "Destroy" button instead of a link, in line with changes noted in the changelog https://github.com/thoughtbot/administrate/blob/main/CHANGELOG.md#100beta2-october-25-2024, specifically the update found in thoughtbot/administrate#2516.
@f-moya f-moya mentioned this pull request Nov 15, 2024
Closed
@clarissalimab clarissalimab mentioned this pull request Dec 18, 2024
Merged
38 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@seanpdoyle @nickcharlton