Research History manipulation influence and Form data

rumkin / pill

Add dynamic content loading to static sites with only 1 KiB of JS

https://rumkin.github.io/pill/

MIT License

383 stars 19 forks source link

Research History manipulation influence and Form data #15

Open rumkin opened 4 years ago

rumkin commented 4 years ago

Currently data input in form fields will be lost when navigating through history. It could cause to data loss. Browsers are preserving it in some cases. Pill's implementation should be as close to default browser behavior as possible.

tamb commented 4 years ago

Maybe a series of plugins or extensions to pill. Think of it like webpack plugins except you add them into your hooks.

onMounting(){
PreserveFormPlugin()
}

??? Wondering if this is a way to add functionality without sacrificing core. Another plugin could be added for dynamic script tags. How do you want people to enhance your library? Should chaining be added? More config options?

I'd gladly help write plugins

rumkin commented 4 years ago

Pill should emulate browsers one-to-one and support this out of the box due to standard behavior is the most expected behavior. So it couldn't be a plugin.

Wondering if this is a way to add functionality without sacrificing core.

Current hooks structure covers almost every step of Pill's work. If it's not so, then it should be fixed. And yes this is the way to enhance Pill. But as I written above it's the core feature.

How do you want people to enhance your library?

Good question. I have only general idea of how to do it. Opened #17 issue for extensibility discussion.

rumkin commented 4 years ago

I'd gladly help write plugins

It would be super!

rumkin commented 3 years ago

There is an issue with the beforeunload event which wouldn't be triggered for intermediary pages. It could be solved by using hook onUnmounting or pill:unmounting event to dispatch beforeunload as a custom event. It should be specified in the docs or added as an option.

tamb commented 3 years ago

@rumkin My concern preserving form data is that it opens up security issues. The data is stored client-side, which really should be avoided.

Perhaps the plugin should come with that warning. Maybe before we push plugins we research security issues with browser history manipulation. I'd be interested to check out how react-router handles this scenario.

rumkin commented 3 years ago

@tamb By the default entered form field value could be restored when user navigates by history. The only field type which shouldn't be stored is the password type. So I think it's ok to store some data into history state itself, while it reproduces the default behaviour.