david wong

Hey ! I'm David, a security consultant at Cryptography Services, the crypto team of NCC Group . This is my blog about cryptography and security and other related topics that I find interesting.

Some Rails' magic. August 2014

If you use Rails you know that Rails also has some pretty weird routes for default.


And if you're like me you're wondering how is the browser understanding those requests. The requests are correct, and should be used but nowadays browsers only understand GET and POST queries. That's why they are often not used correctly and have lost a lot of meaning in web development.

So first, here's how Rails is doing it, by including jQuery_ujs, a jQuery plugin specially made for Rails that permits the use of those other verbs (DELETE, PUT, PATCH...).

What you write in Rails looks like that by the way.

<%= link_to 'Destroy', controller, data: {:confirm => 'Are you sure?'}, :method => :delete %>

And what it does is that it creates a link that will actually send a hidden form using POST with an input telling Rails it's actually a DELETE.

It's a hack. But it feels nice.

PS: And that's not all, jQuery_ujs does other useful things.

Rails is not a Ruby framework. It's a ruby+javascript+css framework.

Well done! You've reached the end of my post. Now you can leave me a comment :)