[html-formfu] Include Catalyst::Controller::RequestToken in C::C::HTML::FormFu

onken at houseofdesign.de onken at houseofdesign.de
Thu Jan 15 14:44:07 GMT 2009



> I really like this idea.
> 
> I would suggest putting the bulk of the logic in a Plugin
> (HTML::FormFu::Plugin::RequestToken) that runs during process(), that
> checks to see if the hidden field exists, and if not adds it, and then
> checks to see if the constraint exists, and if not adds it.
> 
> Otherwise, there would be problems with adding the field automatically
> in C::C::HTML::FormFu, because if fields are added before the form
> config is loaded, the xhtml will be invalid if the field isn't within
> a fieldset. And I can't really see any way to handle that nicely for
> $self->form() which returns a form with no config loaded yet.
> 
> So the only thing the code in C::C::HTML::FormFu should need to do is
> add the Plugin to each form during $controller->_common_construction.
> ( or $controller->_form() if it isn't suitable for MultiForm's - I
> haven't looked at it closely enough to figure that out).
> And of course, that would be configurable/
> 
> So maybe the following config options...
> request_token_enable     # 0 by default
> request_token_add_plugin # 1 by default
> 
> Looking at C::C::RequestToken some more... I don't think it would be
> appropriate for C::C::HTML::FormFu to inherit from C::C::RequestToken
> - so I think you'd need to make it a requirement that the user's
> application inherit from C::C::RequestToken.
> 

Hi Carl,

I had closer look at RequestToken and I think we should drop that
requirement and write it ourselfs. The logic is not that hard and
RequestToken has some limitations which can cause some trouble. E. g. you
cannot open form1, open another form2 and submit form1. That will fail
because RequestToken uses a unique session key for all tokens and opening
another form2 will overwrite the token of form1.

I will write some code and commit it to svn so we can have a look at it.
I'll write as much comments as I can to make everything as clear as
possible.

cheers,

moritz




More information about the HTML-FormFu mailing list