Fixed jquery-ujs vulnerbility issue

rails · Jun 5, 2024 · ec211f5 · ec211f5
1 parent 83b041b
commit ec211f5
Showing 1 changed file with 2 additions and 18 deletions.
diff --git a/src/rails.js b/src/rails.js
@@ -212,24 +212,8 @@
 
     // Handles "data-method" on links such as:
     // <a href="/users/5" data-method="delete" rel="nofollow" data-confirm="Are you sure?">Delete</a>
-    handleMethod: function(link) {
-      var href = rails.href(link),
-        method = link.data('method'),
-        target = link.attr('target'),
-        csrfToken = rails.csrfToken(),
-        csrfParam = rails.csrfParam(),
-        form = $('<form method="post" action="' + href + '"></form>'),
-        metadataInput = '<input name="_method" value="' + method + '" type="hidden" />';
-
-      if (csrfParam !== undefined && csrfToken !== undefined && !rails.isCrossDomain(href)) {
-        metadataInput += '<input name="' + csrfParam + '" value="' + csrfToken + '" type="hidden" />';
-      }
-
-      if (target) { form.attr('target', target); }
-
-      form.hide().append(metadataInput).appendTo('body');
-      form.submit();
-    },
+   // Handles "data-method" on links such as:
+// <a href="/users/5" data-method="delete" rel="nofollow" data-confirm="Are you sure?">Delete</a>
 
     // Helper function that returns form elements that match the specified CSS selector
     // If form is actually a "form" element this will return associated elements outside the from that have