Method: ActionView::Helpers::UrlHelper#button_to
- Defined in:
- actionview/lib/action_view/helpers/url_helper.rb
#button_to(name = nil, options = nil, html_options = nil, &block) ⇒ Object
Generates a form containing a single button that submits to the URL created by the set of options. This is the safest method to ensure links that cause changes to your data are not triggered by search bots or accelerators.
You can control the form and button behavior with html_options. Most values in html_options are passed through to the button element. For example, passing a :class option within html_options will set the class attribute of the button element.
The class attribute of the form element can be set by passing a :form_class option within html_options. It defaults to "button_to" to allow styling of the form and its children.
The form submits a POST request by default if the object is not persisted; conversely, if the object is persisted, it will submit a PATCH request. To specify a different HTTP verb use the :method option within html_options.
If the HTML button generated from button_to does not work with your layout, you can consider using the link_to method with the data-turbo-method attribute as described in the link_to documentation.
Options
The options hash accepts the same options as url_for. To generate a <form> element without an [action] attribute, pass false:
<%= button_to "New", false %>
# => "<form method="post" class="">
# <button type="submit">New</button>
# <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6"/>
# </form>"
Most values in html_options are passed through to the button element, but there are a few special options:
-
:method- Symbol of HTTP verb. Supported verbs are:post,:get,:delete,:patch, and:put. By default it will be:post. -
:disabled- If set to true, it will generate a disabled button. -
:data- This option can be used to add custom data attributes. -
:form- This hash will be form attributes -
:form_class- This controls the class of the form within which the submit button will be placed -
:params- Hash of parameters to be rendered as hidden fields within the form.
Examples
<%= button_to "New", action: "new" %>
# => "<form method="post" action="/controller/new" class="">
# <button type="submit">New</button>
# <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6" autocomplete="off"/>
# </form>"
<%= button_to "New", new_article_path %>
# => "<form method="post" action="/articles/new" class="">
# <button type="submit">New</button>
# <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6" autocomplete="off"/>
# </form>"
<%= button_to "New", new_article_path, params: { time: Time.now } %>
# => "<form method="post" action="/articles/new" class="">
# <button type="submit">New</button>
# <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6"/>
# <input type="hidden" name="time" value="2021-04-08 14:06:09 -0500" autocomplete="off">
# </form>"
<%= button_to [:make_happy, @user] do %>
Make happy <strong><%= @user.name %></strong>
<% end %>
# => "<form method="post" action="/users/1/make_happy" class="button_to">
# <button type="submit">
# Make happy <strong><%= @user.name %></strong>
# </button>
# <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6" autocomplete="off"/>
# </form>"
<%= button_to "New", { action: "new" }, form_class: "new-thing" %>
# => "<form method="post" action="/controller/new" class="new-thing">
# <button type="submit">New</button>
# <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6" autocomplete="off"/>
# </form>"
<%= button_to "Create", { action: "create" }, form: { "data-type" => "json" } %>
# => "<form method="post" action="/images/create" class="button_to" data-type="json">
# <button type="submit">Create</button>
# <input name="authenticity_token" type="hidden" value="10f2163b45388899ad4d5ae948988266befcb6c3d1b2451cf657a0c293d605a6" autocomplete="off"/>
# </form>"
296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 |
# File 'actionview/lib/action_view/helpers/url_helper.rb', line 296 def (name = nil, = nil, = nil, &block) , = , name if block_given? ||= {} = .stringify_keys url = case when FalseClass then nil else url_for() end remote = .delete("remote") params = .delete("params") authenticity_token = .delete("authenticity_token") method = (.delete("method").presence || ()).to_s method_tag = BUTTON_TAG_METHOD_VERBS.include?(method) ? method_tag(method) : "".html_safe form_method = method == "get" ? "get" : "post" = .delete("form") || {} [:class] ||= .delete("form_class") || "button_to" [:method] = form_method [:action] = url [:'data-remote'] = true if remote request_token_tag = if form_method == "post" request_method = method.empty? ? "post" : method token_tag(authenticity_token, form_options: { action: url, method: request_method }) else "" end = (, ) ["type"] = "submit" = if block_given? content_tag("button", , &block) elsif content_tag("button", name || url, , &block) else ["value"] = name || url tag("input", ) end = method_tag.safe_concat().safe_concat(request_token_tag) if params to_form_params(params).each do |param| .safe_concat tag(:input, type: "hidden", name: param[:name], value: param[:value], autocomplete: "off") end end html = content_tag("form", , ) prevent_content_exfiltration(html) end |