Rails 3 Form Helpers: UTF8 and other hidden fields

Question

The view:

<%= form_for :blog_post do |f| %>
  <ul>
    <li>
      <%=  f.label :title %>
      <%= f.text_field :title, :type => 'text', :id => 'title', :size => '', :limit => '255' %>
    </li>

  </ul>
<% end %>

<!DOCTYPE html> 
    <html> 
    <head> 
      <title>LevihackwithCom</title> 

      <script src="/javascripts/prototype.js?1285902540" type="text/javascript"></script> 
    <script src="/javascripts/effects.js?1285902540" type="text/javascript"></script> 
    <script src="/javascripts/dragdrop.js?1285902540" type="text/javascript"></script> 
    <script src="/javascripts/controls.js?1285902540" type="text/javascript"></script> 
    <script src="/javascripts/rails.js?1285902540" type="text/javascript"></script> 
    <script src="/javascripts/application.js?1285902540" type="text/javascript"></script> 
      <meta name="csrf-param" content="authenticity_token"/> 
    <meta name="csrf-token" content="UnhGSHHanJHfgJYhnksqJ1bfq3W+QEU2GJqLAMs2DmI="/> 
    </head> 
    <body> 

    <form accept-charset="UTF-8" action="/blog_post/new" method="post"><div style="margin:0;padding:0;display:inline"><input name="utf8" type="hidden" value="&#x2713;" /><input name="authenticity_token" type="hidden" value="UnhGSHHanJHfgJYhnksqJ1bfq3W+QEU2GJqLAMs2DmI=" /></div> 
      <ul> 
        <li> 
          <label for="blog_post_title">Title</label> 
          <input id="title" limit="255" name="blog_post[title]" size="" type="text" /> 
        </li> 
      </ul> 
    </form> 

    </body> 
    </html> 

I'm messing around with form helpers. The above code shows my view file as well as the HTML it generates. What is with the terrible div full of inline CSS stuffed with hidden fields I didn't explicitly ask for? What settings cause these fields to be generated? Is there a way for me to remove the inline CSS?

Answer 1

These fields are generated in rails forms for robustness:

utf8=✓

The utf8 hidden field ensures that the form values are submitted as UTF8. It does this by ensuring that at least one UTF8 character in the form gets submitted. Most browsers respect the document's encoding and treat the form values the same, but there's one browser that has a problem. Hence, utf8 gets a checkmark.

The authenticity_token is there to prevent cross-site request forgery.

Similar hidden fields get generated for checkboxes. Since unchecked checkboxes don't get submitted to the server, a hidden field ensures that a "0" (false) value gets submitted: this is helpful when you have an array of checkboxes.

These fields get wrapped in a div with inline styles to ensure that they don't break the layout. You could poke around in the form helper source code and override this, but I wouldn't recommend it: it's minimally intrusive, and it's there for a reason.