123456789_123456789_123456789_123456789_123456789_

Module: ActionView::Helpers::UrlHelper

Overview

Action View URL Helpers

Provides a set of methods for making links and getting URLs that depend on the routing subsystem (see ::ActionDispatch::Routing). This allows you to use the same format for links in views and controllers.

Constant Summary

TagHelper - Included

ARIA_PREFIXES, BOOLEAN_ATTRIBUTES, DATA_PREFIXES, PRE_CONTENT_STRINGS, TAG_TYPES

ContentExfiltrationPreventionHelper - Included

CLOSE_CDATA_COMMENT, CLOSE_FORM_TAG, CLOSE_OPTION_TAG, CLOSE_QUOTES_COMMENT, CONTENT_EXFILTRATION_PREVENTION_MARKUP

Class Attribute Summary

Class Method Summary

::ActiveSupport::Concern - Extended

class_methods

Define class methods from given block.

included

Evaluate given block in context of base class, so that you can write class macros here.

prepended

Evaluate given block in context of base class, so that you can write class macros here.

append_features, prepend_features

Instance Attribute Summary

Instance Method Summary

ContentExfiltrationPreventionHelper - Included

TagHelper - Included

#cdata_section

Returns a CDATA section with the given content.

#class_names
#content_tag

Returns an HTML block tag of type name surrounding the content.

#escape_once

Returns an escaped version of html without affecting existing escaped entities.

#tag

Returns an HTML tag.

#token_list

Returns a string of tokens built from args.

#build_tag_values, #ensure_valid_html5_tag_name, #tag_builder

OutputSafetyHelper - Included

#raw

This method outputs without escaping a string.

#safe_join

This method returns an HTML safe string similar to what Array#join would return.

#to_sentence

Converts the array to a comma-separated sentence where the last element is joined by the connector word.

CaptureHelper - Included

#capture

The capture method extracts part of a template as a string object.

#content_for

Calling content_for stores a block of markup in an identifier for later use.

#content_for?

content_for? checks whether any content has been captured yet using content_for.

#provide

The same as content_for but when used with streaming flushes straight back to the layout.

#with_output_buffer

Use an alternate output buffer for the duration of the block.

Class Attribute Details

.button_to_generates_button_tag (rw) Also known as: #button_to_generates_button_tag

[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 35

mattr_accessor :button_to_generates_button_tag, default: false

Instance Attribute Details

#button_to_generates_button_tag (rw)

[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 35

mattr_accessor :button_to_generates_button_tag, default: false

Instance Method Details

#_back_url (private)

This method is for internal use only.
[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 50

def _back_url # :nodoc:
  _filtered_referrer || "javascript:history.back()"
end

#_filtered_referrer (private)

This method is for internal use only.
[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 55

def _filtered_referrer # :nodoc:
  if controller.respond_to?(:request)
    referrer = controller.request.env["HTTP_REFERER"]
    if referrer && URI(referrer).scheme != "javascript"
      referrer
    end
  end
rescue URI::InvalidURIError
end

#add_method_to_attributes!(html_options, method) (private)

[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 712

def add_method_to_attributes!(html_options, method)
  if method_not_get_method?(method) && !html_options["rel"].to_s.include?("nofollow")
    if html_options["rel"].blank?
      html_options["rel"] = "nofollow"
    else
      html_options["rel"] = "#{html_options["rel"]} nofollow"
    end
  end
  html_options["data-method"] = method
end

#button_to(name = nil, options = nil, html_options = nil, &block)

Generates a form containing a single button that submits to the URL created by the set of options. This is the safest method to ensure links that cause changes to your data are not triggered by search bots or accelerators.

You can control the form and button behavior with html_options. Most values in html_options are passed through to the button element. For example, passing a :class option within html_options will set the class attribute of the button element.

The class attribute of the form element can be set by passing a :form_class option within html_options. It defaults to "button_to" to allow styling of the form and its children.

The form submits a POST request by default if the object is not persisted; conversely, if the object is persisted, it will submit a PATCH request. To specify a different HTTP verb use the :method option within html_options.

If the HTML button generated from button_to does not work with your layout, you can consider using the #link_to method with the data-turbo-method attribute as described in the #link_to documentation.

Options

The options hash accepts the same options as #url_for. To generate a <form> element without an [action] attribute, pass false:

<%= button_to "New", false %>
# => "<form method="post" class="button_to">
#      <button type="submit">New</button>
#      <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6"/>
#    </form>"

Most values in html_options are passed through to the button element, but there are a few special options:

  • :method - Symbol of HTTP verb. Supported verbs are :post, :get, :delete, :patch, and :put. By default it will be :post.

  • :disabled - If set to true, it will generate a disabled button.

  • :data - This option can be used to add custom data attributes.

  • :form - This hash will be form attributes

  • :form_class - This controls the class of the form within which the submit button will be placed

  • :params - Hash of parameters to be rendered as hidden fields within the form.

Examples

<%= button_to "New", action: "new" %>
# => "<form method="post" action="/controller/new" class="button_to">
#      <button type="submit">New</button>
#      <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6" autocomplete="off"/>
#    </form>"

<%= button_to "New", new_article_path %>
# => "<form method="post" action="/articles/new" class="button_to">
#      <button type="submit">New</button>
#      <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6" autocomplete="off"/>
#    </form>"

<%= button_to "New", new_article_path, params: { time: Time.now  } %>
# => "<form method="post" action="/articles/new" class="button_to">
#      <button type="submit">New</button>
#      <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6"/>
#      <input type="hidden" name="time" value="2021-04-08 14:06:09 -0500" autocomplete="off">
#    </form>"

<%= button_to [:make_happy, @user] do %>
  Make happy <strong><%= @user.name %></strong>
<% end %>
# => "<form method="post" action="/users/1/make_happy" class="button_to">
#      <button type="submit">
#        Make happy <strong><%= @user.name %></strong>
#      </button>
#      <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6"  autocomplete="off"/>
#    </form>"

<%= button_to "New", { action: "new" }, form_class: "new-thing" %>
# => "<form method="post" action="/controller/new" class="new-thing">
#      <button type="submit">New</button>
#      <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6"  autocomplete="off"/>
#    </form>"

<%= button_to "Create", { action: "create" }, form: { "data-type" => "json" } %>
# => "<form method="post" action="/images/create" class="button_to" data-type="json">
#      <button type="submit">Create</button>
#      <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6"  autocomplete="off"/>
#    </form>"
[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 296

def button_to(name = nil, options = nil, html_options = nil, &block)
  html_options, options = options, name if block_given?
  html_options ||= {}
  html_options = html_options.stringify_keys

  url =
    case options
    when FalseClass then nil
    else url_for(options)
    end

  remote = html_options.delete("remote")
  params = html_options.delete("params")

  authenticity_token = html_options.delete("authenticity_token")

  method     = (html_options.delete("method").presence || method_for_options(options)).to_s
  method_tag = BUTTON_TAG_METHOD_VERBS.include?(method) ? method_tag(method) : "".html_safe

  form_method  = method == "get" ? "get" : "post"
  form_options = html_options.delete("form") || {}
  form_options[:class] ||= html_options.delete("form_class") || "button_to"
  form_options[:method] = form_method
  form_options[:action] = url
  form_options[:'data-remote'] = true if remote

  request_token_tag = if form_method == "post"
    request_method = method.empty? ? "post" : method
    token_tag(authenticity_token, form_options: { action: url, method: request_method })
  else
    ""
  end

  html_options = convert_options_to_data_attributes(options, html_options)
  html_options["type"] = "submit"

  button = if block_given?
    ("button", html_options, &block)
  elsif button_to_generates_button_tag
    ("button", name || url, html_options, &block)
  else
    html_options["value"] = name || url
    tag("input", html_options)
  end

  inner_tags = method_tag.safe_concat(button).safe_concat(request_token_tag)
  if params
    to_form_params(params).each do |param|
      inner_tags.safe_concat tag(:input, type: "hidden", name: param[:name], value: param[:value],
                                 autocomplete: "off")
    end
  end
  html = ("form", inner_tags, form_options)
  prevent_content_exfiltration(html)
end

#convert_options_to_data_attributes(options, html_options) (private)

[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 683

def convert_options_to_data_attributes(options, html_options)
  if html_options
    html_options = html_options.stringify_keys
    html_options["data-remote"] = "true" if link_to_remote_options?(options) || link_to_remote_options?(html_options)

    method = html_options.delete("method")

    add_method_to_attributes!(html_options, method) if method

    html_options
  else
    link_to_remote_options?(options) ? { "data-remote" => "true" } : {}
  end
end

#current_page?(options = nil, check_parameters: false, **options_as_kwargs) ⇒ Boolean

True if the current request URI was generated by the given options.

Examples

Let’s say we’re in the http://www.example.com/shop/checkout?order=desc&page=1 action.

current_page?(action: 'process')
# => false

current_page?(action: 'checkout')
# => true

current_page?(controller: 'library', action: 'checkout')
# => false

current_page?(controller: 'shop', action: 'checkout')
# => true

current_page?(controller: 'shop', action: 'checkout', order: 'asc')
# => false

current_page?(controller: 'shop', action: 'checkout', order: 'desc', page: '1')
# => true

current_page?(controller: 'shop', action: 'checkout', order: 'desc', page: '2')
# => false

current_page?('http://www.example.com/shop/checkout')
# => true

current_page?('http://www.example.com/shop/checkout', check_parameters: true)
# => false

current_page?('/shop/checkout')
# => true

current_page?('http://www.example.com/shop/checkout?order=desc&page=1')
# => true

Let’s say we’re in the http://www.example.com/products action with method POST in case of invalid product.

current_page?(controller: 'product', action: 'index')
# => false

We can also pass in the symbol arguments instead of strings.

[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 548

def current_page?(options = nil, check_parameters: false, **options_as_kwargs)
  unless request
    raise "You cannot use helpers that need to determine the current " \
          "page unless your view context provides a Request object " \
          "in a #request method"
  end

  return false unless request.get? || request.head?

  options ||= options_as_kwargs
  check_parameters ||= options.is_a?(Hash) && options.delete(:check_parameters)
  url_string = URI::RFC2396_PARSER.unescape(url_for(options)).force_encoding(Encoding::BINARY)

  # We ignore any extra parameters in the request_uri if the
  # submitted URL doesn't have any either. This lets the function
  # work with things like ?order=asc
  # the behavior can be disabled with check_parameters: true
  request_uri = url_string.index("?") || check_parameters ? request.fullpath : request.path
  request_uri = URI::RFC2396_PARSER.unescape(request_uri).force_encoding(Encoding::BINARY)

  if %r{^\w+://}.match?(url_string)
    request_uri = +"#{request.protocol}#{request.host_with_port}#{request_uri}"
  end

  remove_trailing_slash!(url_string)
  remove_trailing_slash!(request_uri)

  url_string == request_uri
end

#mail_to(email_address, name = nil, html_options = {}, &block)

Creates a mailto link tag to the specified email_address, which is also used as the name of the link unless name is specified. Additional HTML attributes for the link can be passed in html_options.

mail_to has several methods for customizing the email itself by passing special keys to html_options.

Options

  • :subject - Preset the subject line of the email.

  • :body - Preset the body of the email.

  • :cc - Carbon Copy additional recipients on the email.

  • :bcc - Blind Carbon Copy additional recipients on the email.

  • :reply_to - Preset the Reply-To field of the email.

Obfuscation

Prior to Rails 4.0, mail_to provided options for encoding the address in order to hinder email harvesters. To take advantage of these options, install the actionview-encoded_mail_to gem.

Examples

mail_to "me@domain.com"
# => <a href="mailto:me@domain.com">me@domain.com</a>

mail_to "me@domain.com", "My email"
# => <a href="mailto:me@domain.com">My email</a>

mail_to "me@domain.com", cc: "ccaddress@domain.com",
         subject: "This is an example email"
# => <a href="mailto:me@domain.com?cc=ccaddress@domain.com&subject=This%20is%20an%20example%20email">me@domain.com</a>

You can use a block as well if your link target is hard to fit into the name parameter. ::ERB example:

<%= mail_to "me@domain.com" do %>
  <strong>Email me:</strong> <span>me@domain.com</span>
<% end %>
# => <a href="mailto:me@domain.com">
       <strong>Email me:</strong> <span>me@domain.com</span>
     </a>
[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 487

def mail_to(email_address, name = nil, html_options = {}, &block)
  html_options, name = name, nil if name.is_a?(Hash)
  html_options = (html_options || {}).stringify_keys

  extras = %w{ cc bcc body subject reply_to }.map! { |item|
    option = html_options.delete(item).presence || next
    "#{item.dasherize}=#{ERB::Util.url_encode(option)}"
  }.compact
  extras = extras.empty? ? "" : "?" + extras.join("&")

  encoded_email_address = ERB::Util.url_encode(email_address).gsub("%40", "@")
  html_options["href"] = "mailto:#{encoded_email_address}#{extras}"

  ("a", name || email_address, html_options, &block)
end

#method_for_options(options) (private)

[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 723

def method_for_options(options)
  if options.is_a?(Array)
    method_for_options(options.last)
  elsif options.respond_to?(:persisted?)
    options.persisted? ? :patch : :post
  elsif options.respond_to?(:to_model)
    method_for_options(options.to_model)
  end
end

#method_not_get_method?(method) ⇒ Boolean (private)

[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 741

def method_not_get_method?(method)
  return false unless method
  (STRINGIFIED_COMMON_METHODS[method] || method.to_s.downcase) != "get"
end

#method_tag(method) (private)

[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 760

def method_tag(method)
  tag("input", type: "hidden", name: "_method", value: method.to_s, autocomplete: "off")
end

#phone_to(phone_number, name = nil, html_options = {}, &block)

Creates a TEL anchor link tag to the specified phone_number. When the link is clicked, the default app to make phone calls is opened and prepopulated with the phone number.

If name is not specified, phone_number will be used as the name of the link.

A country_code option is supported, which prepends a plus sign and the given country code to the linked phone number. For example, country_code: "01" will prepend +01 to the linked phone number.

Additional HTML attributes for the link can be passed via html_options.

Options

  • :country_code - Prepends the country code to the phone number

Examples

phone_to "1234567890"
# => <a href="tel:1234567890">1234567890</a>

phone_to "1234567890", "Phone me"
# => <a href="tel:1234567890">Phone me</a>

phone_to "1234567890", country_code: "01"
# => <a href="tel:+011234567890">1234567890</a>

You can use a block as well if your link target is hard to fit into the name parameter. ERB example:

<%= phone_to "1234567890" do %>
  <strong>Phone me:</strong>
<% end %>
# => <a href="tel:1234567890">
       <strong>Phone me:</strong>
     </a>
[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 669

def phone_to(phone_number, name = nil, html_options = {}, &block)
  html_options, name = name, nil if name.is_a?(Hash)
  html_options = (html_options || {}).stringify_keys

  country_code = html_options.delete("country_code").presence
  country_code = country_code.nil? ? "" : "+#{ERB::Util.url_encode(country_code)}"

  encoded_phone_number = ERB::Util.url_encode(phone_number)
  html_options["href"] = "tel:#{country_code}#{encoded_phone_number}"

  ("a", name || phone_number, html_options, &block)
end

#remove_trailing_slash!(url_string) (private)

[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 806

def remove_trailing_slash!(url_string)
  trailing_index = (url_string.index("?") || 0) - 1
  url_string[trailing_index] = "" if url_string[trailing_index] == "/"
end

#sms_to(phone_number, name = nil, html_options = {}, &block)

Creates an SMS anchor link tag to the specified phone_number. When the link is clicked, the default SMS messaging app is opened ready to send a message to the linked phone number. If the body option is specified, the contents of the message will be preset to body.

If name is not specified, phone_number will be used as the name of the link.

A country_code option is supported, which prepends a plus sign and the given country code to the linked phone number. For example, country_code: "01" will prepend +01 to the linked phone number.

Additional HTML attributes for the link can be passed via html_options.

Options

  • :country_code - Prepend the country code to the phone number.

  • :body - Preset the body of the message.

Examples

sms_to "5155555785"
# => <a href="sms:5155555785;">5155555785</a>

sms_to "5155555785", country_code: "01"
# => <a href="sms:+015155555785;">5155555785</a>

sms_to "5155555785", "Text me"
# => <a href="sms:5155555785;">Text me</a>

sms_to "5155555785", body: "I have a question about your product."
# => <a href="sms:5155555785;?body=I%20have%20a%20question%20about%20your%20product">5155555785</a>

You can use a block as well if your link target is hard to fit into the name parameter. ERB example:

<%= sms_to "5155555785" do %>
  <strong>Text me:</strong>
<% end %>
# => <a href="sms:5155555785;">
       <strong>Text me:</strong>
     </a>
[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 618

def sms_to(phone_number, name = nil, html_options = {}, &block)
  html_options, name = name, nil if name.is_a?(Hash)
  html_options = (html_options || {}).stringify_keys

  country_code = html_options.delete("country_code").presence
  country_code = country_code ? "+#{ERB::Util.url_encode(country_code)}" : ""

  body = html_options.delete("body").presence
  body = body ? "?&body=#{ERB::Util.url_encode(body)}" : ""

  encoded_phone_number = ERB::Util.url_encode(phone_number)
  html_options["href"] = "sms:#{country_code}#{encoded_phone_number};#{body}"

  ("a", name || phone_number, html_options, &block)
end

#to_form_params(attribute, namespace = nil) (private)

Returns an array of hashes each containing :name and :value keys suitable for use as the names and values of form input fields:

to_form_params(name: 'David', nationality: 'Danish')
# => [{name: 'name', value: 'David'}, {name: 'nationality', value: 'Danish'}]

to_form_params(country: { name: 'Denmark' })
# => [{name: 'country[name]', value: 'Denmark'}]

to_form_params(countries: ['Denmark', 'Sweden']})
# => [{name: 'countries[]', value: 'Denmark'}, {name: 'countries[]', value: 'Sweden'}]

An optional namespace can be passed to enclose key names:

to_form_params({ name: 'Denmark' }, 'country')
# => [{name: 'country[name]', value: 'Denmark'}]
[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 780

def to_form_params(attribute, namespace = nil)
  attribute = if attribute.respond_to?(:permitted?)
    attribute.to_h
  else
    attribute
  end

  params = []
  case attribute
  when Hash
    attribute.each do |key, value|
      prefix = namespace ? "#{namespace}[#{key}]" : key
      params.push(*to_form_params(value, prefix))
    end
  when Array
    array_prefix = "#{namespace}[]"
    attribute.each do |value|
      params.push(*to_form_params(value, array_prefix))
    end
  else
    params << { name: namespace.to_s, value: attribute.to_param }
  end

  params.sort_by { |pair| pair[:name] }
end

#token_tag(token = nil, form_options: {}) (private)

[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 746

def token_tag(token = nil, form_options: {})
  if token != false && defined?(protect_against_forgery?) && protect_against_forgery?
    token =
      if token == true || token.nil?
        form_authenticity_token(form_options: form_options.merge(authenticity_token: token))
      else
        token
      end
    tag(:input, type: "hidden", name: request_forgery_protection_token.to_s, value: token, autocomplete: "off")
  else
    ""
  end
end

#url_for(options = nil)

This method is for internal use only.

Basic implementation of url_for to allow use helpers without routes existence

[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 38

def url_for(options = nil) # :nodoc:
  case options
  when String
    options
  when :back
    _back_url
  else
    raise ArgumentError, "arguments passed to url_for can't be handled. Please require " \
                         "routes or provide your own implementation"
  end
end

#url_target(name, options) (private)

[ GitHub ]

  
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 698

def url_target(name, options)
  if name.respond_to?(:model_name) && options.is_a?(Hash) && options.empty?
    url_for(name)
  else
    url_for(options)
  end
end