Why is Rails 6 corrupting (hashing?) the string value assigned to a form's hidden_field named "video_key"?
Why is Rails 6 changing the value of the string assigned to a hidden_field in a form?
My code:
= form_with url: send_video_create_posts_path(post: @post), method: :post do |f|
= f.hidden_field :page_id, value: @page.id
= f.hidden_field :video_key, value: @unique_key.to_s #### <= THIS GETS CORRUPTED ####
= f.hidden_field :video_processor, value: @unique_key.to_s
= f.hidden_field :video_token, value: "TOKEN", id: "field_for_token"
= f.hidden_field :author_ip, value: request.ip
= f.hidden_field :author_ua, value: request.user_agent
Note that (as a test when I discovered Rails is corrupting the value I assigned to only the video_key field) the exact same string is being assigned as the value of both the field :video_key and the field :video_processor.
Only the field named "video_key" is being corrupted by Rails.
As shown in the screenshot below, in the rendered HTML form, the "video_key" value has been altered by Rails from the correct string value "210623-0036b7b62d76fe60f224" to the corrupted value "LXdSftL6HWGG8wY9tl6me-KJrIT-CVSw6wjvRCEDe8rEIumFERoKPg_ZPpFAPFSQuKfaQHUDJ-uUeZY2xBlAfg"
Why is Rails changing the assigned value of this form field, and if it is some sort of unwelcome "Rails magic" due to (for example) the field name, is there a way to turn it off?
To say the least that breaks the form handling if the data assigned to the field is not the data specified.
Incredibly, this appears to be a well-known, 12 YEAR old Firefox bug that they never got around to fixing. Recently re-raised as issue on a Rails discussion forum.
The solution appears to be either put a DUMMY string field first in any form, or perhaps just any form with hidden fields, and let Firefox corrupt THAT field instead of one of your real fields.
What some Firefox bug reports suggest is adding "autocomplete" => "off" to ALL hidden form fields, and that does seem to work as well.
Raised 12 years ago, closed, reopened about a year ago: https://bugzilla.mozilla.org/show_bug.cgi?id=520561
Raised May 2020: https://discuss.rubyonrails.org/t/form-with-first-field-value-is-overriden-with-a-token-like-string/74861/9
- How can I make Tailwind work on my component
- Generating an I18n attribute in a json jbuilder flow
- Two Ways to Include Associated Models in a Serializer
- How to automatically derive foreign key column names with polymorphic associations?
- Got the right node with Nokogiri, but need to search further
- How to set view context in Rails?
- Rails trying to connect to postgresql on port 5432, but it's configured for 5433
- Scraping all of the URLS of a page
- RESTful API Suggestions
- Rails: Undefined method `flash' for ActionDispatch::Request
- Rails: Converting URL strings to params?
- RapidAPI: undefined method `get_company' for "FB":String
- Check if record does NOT exist in Rails (from array of ids)?
- Grover.to_pdf: ReadableStream is not defined
- Webpacker can't find application.js in /app/public/packs/manifest.json and I can't precompile assets after deleting node_modules folder
- How are IDs for fixtures generated?
- Form does not get Submitted via Mechanize
- How do I ensure a Rails form submits only once after validating all fields?
- Path helpers generate paths with dots instead of slashes
- download github zip file and display contents in web app
- Rails money round cents up
- Rails form_with-helper: What is a :scope?
- Rails 7 asset pipeline SassC::SyntaxError with Tailwind
- Rails 7 error during application start - Zeitwerk-related errors
- Define and use a function within the same HAML file
- Invalid rendering array with locals and as by PropsTemplate gem
- Disqus Ajax is not taking different thread for diffrent posts in ruby on rails
- skip validation in parent class
- Rails: Form that sets up default values for an object?
- Rails strange parameter added on POST request