Why is Rails 6 changing the value of the string assigned to a hidden_field in a form?
My code:
= form_with url: send_video_create_posts_path(post: @post), method: :post do |f|
= f.hidden_field :page_id, value: @page.id
= f.hidden_field :video_key, value: @unique_key.to_s #### <= THIS GETS CORRUPTED ####
= f.hidden_field :video_processor, value: @unique_key.to_s
= f.hidden_field :video_token, value: "TOKEN", id: "field_for_token"
= f.hidden_field :author_ip, value: request.ip
= f.hidden_field :author_ua, value: request.user_agent
Note that (as a test when I discovered Rails is corrupting the value I assigned to only the video_key field) the exact same string is being assigned as the value of both the field :video_key and the field :video_processor.
Only the field named "video_key" is being corrupted by Rails.
As shown in the screenshot below, in the rendered HTML form, the "video_key" value has been altered by Rails from the correct string value "210623-0036b7b62d76fe60f224" to the corrupted value "LXdSftL6HWGG8wY9tl6me-KJrIT-CVSw6wjvRCEDe8rEIumFERoKPg_ZPpFAPFSQuKfaQHUDJ-uUeZY2xBlAfg"
Why is Rails changing the assigned value of this form field, and if it is some sort of unwelcome "Rails magic" due to (for example) the field name, is there a way to turn it off?
To say the least that breaks the form handling if the data assigned to the field is not the data specified.
Incredibly, this appears to be a well-known, 12 YEAR old Firefox bug that they never got around to fixing. Recently re-raised as issue on a Rails discussion forum.
The solution appears to be either put a DUMMY string field first in any form, or perhaps just any form with hidden fields, and let Firefox corrupt THAT field instead of one of your real fields.
What some Firefox bug reports suggest is adding "autocomplete" => "off" to ALL hidden form fields, and that does seem to work as well.
Raised 12 years ago, closed, reopened about a year ago: https://bugzilla.mozilla.org/show_bug.cgi?id=520561
Raised May 2020: https://discuss.rubyonrails.org/t/form-with-first-field-value-is-overriden-with-a-token-like-string/74861/9