DEV Community

Martin Hicks
Martin Hicks

Posted on • Originally published at martinhicks.dev on

Enhance CSRF package - now supports multipart form data

I've just published a minor update to my CSRF plugin for Enhance projects.

v0.9.0 now supports multipart/form data, meaning you can easily use the <csrf-form></csrf-form> component for forms that contain file uploads.

usage:

<csrf-form method="post" action="/upload" enctype="multipart/form-data">
  <input type="file" name="file" />
</csrf-form>

Enter fullscreen mode Exit fullscreen mode

outputs:

<form action="/si-novi/christopher-dee/media/upload" method="post" enctype="multipart/form-data">
  <input type="hidden" name="csrf" value="540c460e-946e-4c78-8c8d-63c4cd091ee9"> <!-- auto-generated hidden input with the unique csrf token for this request (use with verifyCsrfToken on your post handler) -->
  <input type="file" name="file">
</form>

Enter fullscreen mode Exit fullscreen mode

Additionally, I've also improved the html generation for the component so you can now include all the following optional attributes and they'll pass-through into your HTML <form> element.

enctype
target
acceptCharset
autocomplete
id
novalidate
rel

Enter fullscreen mode Exit fullscreen mode

Of course you can still use the standaone <csrf-input></csrf-input> if you'd prefer to use a standard form tag.

Get in touch

Any feedback on your usage of this plugin, bugs, or suggestions for improvements please get in touch on GitHub. I'd love to hear from you.


Top comments (0)