CODEWITHSUNDEEP
ruby-on-railsruby
Catfish
Catfish

Reputation: 19284

How to encode a query string when using _path helpers?

I currently have this snippet:

edit_case_path(@case, {:name => @case.name})

which generates a path like this:

/cases/4/edit?name=johnson

But to make things more invisible to the user, i'd like my path to be something like this:

/cases/4/edit?asdfjhsdfiojpasfdoj

where asdfjhsdfiojpasfdoj is basically some sort of encoding (base64?) that can be decoded to name=johnson.

How can I do this using the _path helpers?

Upvotes: 2

Views: 2155

Answers (3)

Richard Peck
Richard Peck

Reputation: 76774

Route

To further Tiago Farias's answer, I would ask why are you trying to pass a parameter in the route like that anyway?

Rails operates on a resource-based structure (especially with its routes), which means if you're loading the edit route, this should be loading a resource, right?

I simply don't understand why you're having to pass a parameter to the edit action - surely the edit action, is there for you to edit a resource / object. In this case, you'd be able to populate the name attribute from the resource itself

--

Helpers

If you wanted to use the path helpers like you are, I see no issue in how you're passing the param (from a functionality perspective)

If you wanted to "encode" the URL somehow, you'd be best using one of the encoding pattern like base64 (as recommended by Taryn East). The question is then not about "how do I create the path", but "how do I create the encoded param?"

If you wanted to pass the parameter, you can use the link_to method as you described:

<% name = [[encoding here]] %>
<%= link_to "Your Path", edit_path(@var, {name: name}) %>

Upvotes: 1

Taryn East
Taryn East

Reputation: 27747

I don't think there's a native way to do that with the path-helpers, but you could do something like:

edit_case_path(@case, {:q => base64_encode({:name => @case.name})})

with a helper like:

require 'base64'
def base64_encode(args)
  Base64.encode64(args)
end

and then in your controller:

args =  Base64.decode64(params[:q])

http://ruby-doc.org/stdlib-2.1.2/libdoc/base64/rdoc/Base64.html

Upvotes: 2

Tiago Farias
Tiago Farias

Reputation: 3407

Base64 would not protect you from anything really. Also I don't think you can get away with encoding the url to the client. But if the point is not to let him see the URL at the browser, you should use the HTTP POST method instead of GET. POST sends the same parameters in the body of the request instead of in the URL string. You can configure that in your routes file.

Upvotes: 1

Related Questions