This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
<head> | |
<style> | |
/* just a little breathing room for screenshots */ | |
body { padding: 40px; } | |
</style> | |
<body> | |
<form> | |
<input type='email' required name='email'> | |
<button type='submit'> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var validateForm = function(submitEvent) { | |
/* We'll fill this in incrementally. */ | |
}; | |
document.addEventListener('DOMContentLoaded', function() { | |
var forms = document.querySelectorAll('form'); | |
for (var index = forms.length - 1; index >= 0; index--) { | |
var form = forms[index]; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
if (!submitEvent.target.checkValidity()) { | |
/* oh noes! */ | |
} else { | |
return true; /* everything's cool, the form is valid! */ | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var form = submitEvent.target, | |
elements = form.elements; | |
/* Loop through the elements, looking for an invalid one. */ | |
for (var index = 0, len = elements.length; index < len; index++) { | |
var element = elements[index]; | |
if (element.willValidate === true && element.validity.valid !== true) { | |
/* element is invalid, let's do something! */ | |
/* break from our loop */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var message = element.validationMessage, | |
parent = element.parentNode, | |
div = document.createElement('div'); | |
/* Add our message to a div with class 'validation-message' */ | |
div.appendChild(document.createTextNode(message)); | |
div.classList.add('validation-message'); | |
/* Add our error message just after element. */ | |
parent.insertBefore(div, element.nextSibling); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var validateForm = function(submitEvent) { | |
if (!submitEvent.target.checkValidity()) { | |
/* Seriously, hold everything. */ | |
submitEvent.preventDefault(); | |
submitEvent.stopImmediatePropagation(); | |
submitEvent.stopPropagation(); | |
var form = submitEvent.target, | |
elements = form.elements; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
Determine the best message to return based on validity state. | |
*/ | |
var validationMessageFor = function(element) { | |
var name = element.nodeName, | |
type = element.type, | |
/* Custom, reused messages. */ | |
emailMessage = "Please enter a valid email address."; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<meta name='csrf-token' content='<%= session[:csrf] %>'> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$(document).on 'submit', 'form', -> | |
form = $(this) | |
method = form.attr('method').toUpperCase() | |
token = $('meta[name=csrf-token]').attr('content') | |
# add the CSRF token as a hidden input to the form | |
if method? and method isnt 'GET' | |
form.prepend $('<input>', name: '_csrf', type: 'hidden', value: token) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
before do | |
session[:csrf] ||= SecureRandom.hex(32) | |
response.set_cookie 'authenticity_token', { | |
value: session[:csrf], | |
expires: Time.now + (60 * 60 * 24 * 180), # that's 180 days | |
path: '/', | |
httponly: true | |
# secure: true # if you have HTTPS (and you should) then enable this |