414 lines
12 KiB
Markdown
414 lines
12 KiB
Markdown
|
# Changelog
|
||
|
|
||
|
## v3.3.3 (2023-10-09)
|
||
|
|
||
|
* Enhancements
|
||
|
* Allow string fields on `input_changed?`
|
||
|
|
||
|
## v3.3.2 (2023-08-10)
|
||
|
|
||
|
* Enhancements
|
||
|
* Address deprecations in Elixir v1.16+
|
||
|
|
||
|
* Deprecations
|
||
|
* Deprecate `inputs_for/2` and `inputs_for/3` (without anonymous functions)
|
||
|
|
||
|
## v3.3.1 (2023-02-27)
|
||
|
|
||
|
* Bug fix
|
||
|
* Set display to none on generated forms
|
||
|
* Warn for maps with atom keys
|
||
|
|
||
|
## v3.3.0 (2023-02-10)
|
||
|
|
||
|
* Enhancements
|
||
|
* Support deeply nested class lists
|
||
|
* Implement Phoenix.HTML.Safe for URI
|
||
|
* Implement Phoenix.HTML.FormData for Map
|
||
|
|
||
|
* Bug fix
|
||
|
* Generate unique IDs for checkboxes based on the value
|
||
|
* Use artificial button click instead of `form.submit` in JavaScript to trigger all relevant events
|
||
|
* Fix a bug where nil/false/true attributes in `aria`/`data`/`phx` would emit empty or literal values, such as `"true"` and `"false"`. This release aligns them with all other attributes so both `nil` and `false` emit nothing. `true` emits the attribute with no value.
|
||
|
|
||
|
* Deprecations
|
||
|
* `Phoenix.HTML.Tag.attributes_escape/1` is deprecated in favor of `Phoenix.HTML.attributes_escape/1`
|
||
|
|
||
|
## v3.2.0 (2021-12-18)
|
||
|
|
||
|
* Enhancements
|
||
|
* Raise if the `id` attribute is set to a number. This is actually an invalid value according to the HTML spec and it can lead to problematic client behaviour, especially in LiveView and other client frameworks.
|
||
|
* Allow `phx` attributes to be nested, similar to `aria` and `data` attributes
|
||
|
* Allow hidden fields in forms to be a list of values
|
||
|
|
||
|
## v3.1.0 (2021-10-23)
|
||
|
|
||
|
* Bug fix
|
||
|
* Do not submit data-method links if default has been prevented
|
||
|
* Deprecations
|
||
|
* Deprecate `~E` and `Phoenix.HTML.Tag.attributes_escape/1`
|
||
|
* Remove deprecated `Phoenix.HTML.Link.link/1`
|
||
|
|
||
|
## v3.0.4 (2021-09-23)
|
||
|
|
||
|
* Bug fix
|
||
|
* Ensure `class={@class}` in HEEx templates and `:class` attribute in `content_tag` are properly escaped against XSS
|
||
|
|
||
|
## v3.0.3 (2021-09-04)
|
||
|
|
||
|
* Bug fix
|
||
|
* Fix sorting of attributes in `tag`/`content_tag`
|
||
|
|
||
|
## v3.0.2 (2021-08-19)
|
||
|
|
||
|
* Enhancements
|
||
|
* Support maps on `Phoenix.HTML.Tag.attributes_escape/1`
|
||
|
|
||
|
## v3.0.1 (2021-08-14)
|
||
|
|
||
|
* Enhancements
|
||
|
* Add `Phoenix.HTML.Tag.csrf_input_tag/2`
|
||
|
|
||
|
## v3.0.0 (2021-08-06)
|
||
|
|
||
|
* Enhancements
|
||
|
* Allow extra html attributes on the `:prompt` option in `select`
|
||
|
* Make `Plug` an optional dependency
|
||
|
* Prefix form id on inputs when it is given to `form_for/3`
|
||
|
* Allow `%URI{}` to be passed to `link/2` and `button/2` as `:to`
|
||
|
* Expose `Phoenix.HTML.Tag.csrf_token_value/1`
|
||
|
* Add `Phoenix.HTML.Tag.attributes_escape/1`
|
||
|
|
||
|
* Bug fixes
|
||
|
* Honor the `form` attribute when creating hidden checkbox input
|
||
|
* Use `to_iso8601` as the standard implementation for safe dates and times
|
||
|
|
||
|
* Deprecations
|
||
|
* `form_for` without an anonymous function has been deprecated. v3.0 has deprecated the usage, v3.1 will emit warnings, and v3.2 will fully remove the functionality
|
||
|
|
||
|
* Backwards incompatible changes
|
||
|
* Strings given as attributes keys in `tag` and `content_tag` are now emitted as is (without being dasherized) and are also HTML escaped
|
||
|
* Prefix form id on inputs when it is given to `form_for/3`
|
||
|
* By default dates and times will format to the `to_iso8601` functions provided by their implementation
|
||
|
* Do not include `csrf-param` and `method-param` in generated `csrf_meta_tag`
|
||
|
* Remove deprecated `escape_javascript` in favor of `javascript_escape`
|
||
|
* Remove deprecated `field_value` in favor of `input_value`
|
||
|
* Remove deprecated `field_name` in favor of `input_name`
|
||
|
* Remove deprecated `field_id` in favor of `input_id`
|
||
|
|
||
|
## v2.14.3 (2020-12-12)
|
||
|
|
||
|
* Bug fixes
|
||
|
* Fix warnings on Elixir v1.12
|
||
|
|
||
|
## v2.14.2 (2020-04-30)
|
||
|
|
||
|
* Deprecations
|
||
|
* Deprecate `Phoenix`-specific assigns `:view_module` and `:view_template`
|
||
|
|
||
|
## v2.14.1 (2020-03-20)
|
||
|
|
||
|
* Enhancements
|
||
|
* Add `Phoenix.HTML.Form.options_for_select/2`
|
||
|
* Add `Phoenix.HTML.Form.inputs_for/3`
|
||
|
|
||
|
* Bug fixes
|
||
|
* Disable hidden input for disabled checkboxes
|
||
|
|
||
|
## v2.14.0 (2020-01-28)
|
||
|
|
||
|
* Enhancements
|
||
|
* Remove enforce_utf8 workaround on forms as it is no longer required by browser
|
||
|
* Remove support tuple-based date/time with microseconds calendar types
|
||
|
* Allow strings as first element in `content_tag`
|
||
|
* Add `:srcset` support to `img_tag`
|
||
|
* Allow `inputs_for` to skip hidden fields
|
||
|
|
||
|
## v2.13.4 (2020-01-28)
|
||
|
|
||
|
* Bug fixes
|
||
|
* Fix invalid :line in Elixir v1.10.0
|
||
|
|
||
|
## v2.13.3 (2019-05-31)
|
||
|
|
||
|
* Enhancements
|
||
|
* Add atom support to FormData
|
||
|
|
||
|
* Bug fixes
|
||
|
* Keep proper line numbers on .eex templates for proper coverage
|
||
|
|
||
|
## v2.13.2 (2019-03-29)
|
||
|
|
||
|
* Bug fixes
|
||
|
* Stop event propagation when confirm dialog is canceled
|
||
|
|
||
|
## v2.13.1 (2019-01-05)
|
||
|
|
||
|
* Enhancements
|
||
|
* Allow safe content to be given to label
|
||
|
* Also escale template literals in `javascript_escape/1`
|
||
|
|
||
|
* Bug fixes
|
||
|
* Fix deprecation warnings to point to the correct alternative
|
||
|
|
||
|
## v2.13.0 (2018-12-09)
|
||
|
|
||
|
* Enhancements
|
||
|
* Require Elixir v1.5+ for more efficient template compilation/rendering
|
||
|
* Add `Phoenix.HTML.Engine.encode_to_iodata!/1`
|
||
|
* Add `Phoenix.HTML.Form.form_for/3` that works without an anonymous function
|
||
|
|
||
|
* Deprecations
|
||
|
* Deprecate `Phoenix.HTML.escape_javascript/1` in favor of `Phoenix.HTML.javascript_escape/1` for consistency
|
||
|
|
||
|
## v2.12.0 (2018-08-06)
|
||
|
|
||
|
* Enhancements
|
||
|
* Configurable and extendable data-confirm behaviour
|
||
|
* Allow data-confirm with submit buttons
|
||
|
* Support ISO 8601 formatted strings for date and time values
|
||
|
|
||
|
* Bug fixes
|
||
|
* Provide a default id of the field name for `@conn` based forms
|
||
|
|
||
|
## v2.11.2 (2018-04-13)
|
||
|
|
||
|
* Enhancements
|
||
|
* Support custom precision on time input
|
||
|
|
||
|
* Bug fixes
|
||
|
* Do not raise when `:` is part of a path on link/button attributes
|
||
|
|
||
|
## v2.11.1 (2018-03-20)
|
||
|
|
||
|
* Enhancements
|
||
|
* Add `label/1`
|
||
|
* Copy the target attribute of the link in the generated JS form
|
||
|
|
||
|
* Bug fixes
|
||
|
* Support any value that is html escapable in `radio_button`
|
||
|
|
||
|
## v2.11.0 (2018-03-09)
|
||
|
|
||
|
* Enhancements
|
||
|
* Add date, datetime-local and time input types
|
||
|
* Enable string keys to be usable with forms
|
||
|
* Support carriage return in `text_to_html`
|
||
|
* Add support for HTML5 boolean attributes to `content_tag` and `tag`
|
||
|
* Improve performance by relying on `html_safe_to_iodata/1`
|
||
|
* Protect against CSRF tokens leaking across hosts when the POST URL is dynamic
|
||
|
* Require `to` attribute in links and buttons to explicitly pass protocols as a separate option for safety reasons
|
||
|
|
||
|
* Bug fixes
|
||
|
* Guarantee `input_name/2` always returns strings
|
||
|
* Improve handling of uncommon whitespace and null in `escape_javascript`
|
||
|
* Escape value attribute so it is never treated as a boolean
|
||
|
|
||
|
* Backwards incompatible changes
|
||
|
* The :csrf_token_generator configuration in the Phoenix.HTML app no longer works due to the improved security mechanisms
|
||
|
|
||
|
## v2.10.5 (2017-11-08)
|
||
|
|
||
|
* Enhancements
|
||
|
* Do not require the :as option in form_for
|
||
|
|
||
|
## v2.10.4 (2017-08-15)
|
||
|
|
||
|
* Bug fixes
|
||
|
* Fix formatting of days in datetime_builder
|
||
|
|
||
|
## v2.10.3 (2017-07-30)
|
||
|
|
||
|
* Enhancements
|
||
|
* Allow specifying a custom CSRF token generator
|
||
|
|
||
|
* Bug fixes
|
||
|
* Do not submit `method: :get` in buttons as "post"
|
||
|
|
||
|
## v2.10.2 (2017-07-24)
|
||
|
|
||
|
* Bug fixes
|
||
|
* Traverse DOM elements up when handling data-method
|
||
|
|
||
|
## v2.10.1 (2017-07-22)
|
||
|
|
||
|
* Bug fixes
|
||
|
* Only generate CSRF token if necessary
|
||
|
|
||
|
## v2.10.0 (2017-07-21)
|
||
|
|
||
|
* Enhancements
|
||
|
* Support custom attributes in options in select
|
||
|
|
||
|
* Bug fixes
|
||
|
* Accept non-binary values in textarea's content
|
||
|
* Allow nested forms on the javascript side. This means `link` and `button` no longer generate a child form such as the `:form` option has no effect and "data-submit=parent" is no longer supported. Instead "data-to" and "data-method" are set on the entities and the form is generated on the javascript side of things
|
||
|
|
||
|
## v2.9.3 (2016-12-24)
|
||
|
|
||
|
* Bug fixes
|
||
|
* Once again support any name for atom forms
|
||
|
|
||
|
## v2.9.2 (2016-12-24)
|
||
|
|
||
|
* Bug fixes
|
||
|
* Always read from `form.params` and then from `:selected` in `select` and `multiple_select` before falling back to `input_value/2`
|
||
|
|
||
|
## v2.9.1 (2016-12-20)
|
||
|
|
||
|
* Bug fixes
|
||
|
* Implement proper `input_value/3` callback
|
||
|
|
||
|
## v2.9.0 (2016-12-19)
|
||
|
|
||
|
* Enhancements
|
||
|
* Add `img_tag/2` helper to `Phoenix.HTML.Tag`
|
||
|
* Submit nearest form even if not direct descendent
|
||
|
* Use more iodata for `tag/2` and `content_tag/3`
|
||
|
* Add `input_value/3`, `input_id/2` and `input_name/2` as a unified API around the input (alongside `input_type/3` and `input_validations/2`)
|
||
|
|
||
|
## v2.8.0 (2016-11-15)
|
||
|
|
||
|
* Enhancements
|
||
|
* Add `csrf_meta_tag/0` helper to `Phoenix.HTML.Tag`
|
||
|
* Allow passing a `do:` option to `Phoenix.HTML.Link.button/2`
|
||
|
|
||
|
## v2.7.0 (2016-09-21)
|
||
|
|
||
|
* Enhancements
|
||
|
* Render button tags for form submits and in the `button/2` function
|
||
|
* Allow `submit/2` and `button/2` to receive `do` blocks
|
||
|
* Support the `:multiple` option in `file_input/3`
|
||
|
* Remove previously deprecated and unused `model` field
|
||
|
|
||
|
## v2.6.1 (2016-07-08)
|
||
|
|
||
|
* Enhancements
|
||
|
* Remove warnings on v1.4
|
||
|
|
||
|
* Bug fixes
|
||
|
* Ensure some contents are properly escaped as an integer
|
||
|
* Ensure JavaScript data-submit events bubble up until it finds the proper parent
|
||
|
|
||
|
## v2.6.0 (2016-06-16)
|
||
|
|
||
|
* Enhancements
|
||
|
* Raise helpful error when using invalid iodata
|
||
|
* Inline date/time API with Elixir v1.3 Calendar types
|
||
|
* Add `:insert_brs` option to `text_to_html/2`
|
||
|
* Run on Erlang 19 without warnings
|
||
|
|
||
|
* Client-side changes
|
||
|
* Use event delegation in `phoenix_html.js`
|
||
|
* Drop IE8 support on `phoenix_html.js`
|
||
|
|
||
|
* Backwards incompatible changes
|
||
|
* `:min`, `:sec` option in `Phoenix.HTML.Form` (`datetime_select/3` and `time_select/3`) are no longer supported. Use `:minute` or `:second` instead.
|
||
|
|
||
|
## v2.5.1 (2016-03-12)
|
||
|
|
||
|
* Bug fixes
|
||
|
* Ensure multipart files work with inputs_for
|
||
|
|
||
|
## v2.5.0 (2016-01-28)
|
||
|
|
||
|
* Enhancements
|
||
|
* Introduce `form.data` field instead of `form.model`. Currently those values are kept in sync then the form is built but `form.model` will be deprecated in the long term
|
||
|
|
||
|
## v2.4.0 (2016-01-21)
|
||
|
|
||
|
* Enhancements
|
||
|
* Add `rel=nofollow` auto generation for non-get links
|
||
|
* Introduce `:selected` option for `select` and `multiple_select`
|
||
|
|
||
|
* Bug fixes
|
||
|
* Fix safe engine incorrectly marking safe code as unsafe when last expression is `<% ... %>`
|
||
|
|
||
|
## v2.3.0 (2015-12-16)
|
||
|
|
||
|
* Enhancements
|
||
|
* Add `escape_javascript/1`
|
||
|
* Add helpful error message when using unknown `@inner` assign
|
||
|
* Add `Phoenix.HTML.Format.text_to_html/2`
|
||
|
|
||
|
## v2.2.0 (2015-09-01)
|
||
|
|
||
|
* Bug fix
|
||
|
* Allow the `:name` to be given in forms. For this, using `:name` to configure the underlying input name prefix has been deprecated in favor of `:as`
|
||
|
|
||
|
## v2.1.2 (2015-08-22)
|
||
|
|
||
|
* Bug fix
|
||
|
* Do not include values in `password_input/3`
|
||
|
|
||
|
## v2.1.1 (2015-08-15)
|
||
|
|
||
|
* Enhancements
|
||
|
* Allow nil in `raw/1`
|
||
|
* Allow block options in `label/3`
|
||
|
* Introduce `:skip_deleted` in `inputs_for/4`
|
||
|
|
||
|
## v2.1.0 (2015-08-06)
|
||
|
|
||
|
* Enhancements
|
||
|
* Add an index field to forms to be used by `inputs_for/4` collections
|
||
|
|
||
|
## v2.0.1 (2015-07-31)
|
||
|
|
||
|
* Bug fix
|
||
|
* Include web directory in Hex package
|
||
|
|
||
|
## v2.0.0 (2015-07-30)
|
||
|
|
||
|
* Enhancements
|
||
|
* No longer generate onclick attributes.
|
||
|
|
||
|
The main motivation for this is to provide support
|
||
|
for Content Security Policy, which recommends
|
||
|
disabling all inline scripts in a page.
|
||
|
|
||
|
We took the opportunity to also add support for
|
||
|
data-confirm in `link/2`.
|
||
|
|
||
|
## v1.4.0 (2015-07-26)
|
||
|
|
||
|
* Enhancements
|
||
|
* Support `input_type/2` and `input_validations/2` as reflection mechanisms
|
||
|
|
||
|
## v1.3.0 (2015-07-23)
|
||
|
|
||
|
* Enhancements
|
||
|
* Add `Phoenix.HTML.Form.inputs_for/4` support
|
||
|
* Add multiple select support
|
||
|
* Add reset input
|
||
|
* Infer default text context for labels
|
||
|
|
||
|
## v1.2.1 (2015-06-02)
|
||
|
|
||
|
* Bug fix
|
||
|
* Ensure nil parameters are not discarded when rendering input
|
||
|
|
||
|
## v1.2.0 (2015-05-30)
|
||
|
|
||
|
* Enhancements
|
||
|
* Add `label/3` for generating a label tag within a form
|
||
|
|
||
|
## v1.1.0 (2015-05-20)
|
||
|
|
||
|
* Enhancements
|
||
|
* Allow do/end syntax with `link/2`
|
||
|
* Raise on missing assigns
|
||
|
|
||
|
## v1.0.1
|
||
|
|
||
|
* Bug fixes
|
||
|
* Avoid variable clash in Phoenix.HTML engine buffers
|
||
|
|
||
|
## v1.0.0
|
||
|
|
||
|
* Enhancements
|
||
|
* Provides an EEx engine with HTML safe rendering
|
||
|
* Provides a `Phoenix.HTML.Safe` protocol
|
||
|
* Provides a `Phoenix.HTML.FormData` protocol
|
||
|
* Provides functions for generating tags, links and form builders in a safe way
|