Skip to content

feat(gnoweb): form - input md extension #4061

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 62 commits into from
Jun 23, 2025
Merged

feat(gnoweb): form - input md extension #4061

merged 62 commits into from
Jun 23, 2025

Conversation

alexiscolin
Copy link
Member

@alexiscolin alexiscolin commented Apr 5, 2025
edited
Loading

This PR introduces secure and interactive form handling capabilities to Gno realms, enabling user input through markdown-based forms with built-in security measures.

Technical Implementation

HTTP Handler Enhancements

  • Implemented POST request handling with form data processing in realms
  • Automatic transformation of form data into query parameters
  • GET request redirection for state management
  • Integration with the mux package for internal realm argument modification

Markdown Extensions

  • Introduced custom HTML tags:
    • <gno-form>: Container for form elements
    • <gno-input>: Text input fields (text only)
  • Attribute Support:
    • Required name attribute for input identification
    • Optional placeholder for user guidance
  • Automatic UI Components (for Security and UX):
    • Submit button generation
    • Input labels with placeholder fallback
    • Realm namespace display
    • Security tooltip

Security & UX Features

  • Realm-specific form processing (no cross-realm submissions)
  • Clear visual indication of form ownership
  • Security tooltip explaining the local processing
  • Automatic label generation with placeholder fallback
  • Input validation and error handling

Validation Rules

  • Required name attribute enforcement
  • Nested form prevention
  • Duplicate attribute detection
  • Proper HTML tag closure verification

Example Implementation

<gno-form>
  <gno-input name="username" placeholder="Enter your name" />
  <gno-input name="email" placeholder="Enter your email" />
</gno-form>

When submitted, the form data is automatically transformed into query parameters and redirected as a GET request. The realm must implement the necessary logic to handle these parameters and update its state accordingly.

Security Considerations

  • All form processing occurs within the realm's namespace
  • No cross-realm form submissions allowed
  • Input validation at both client and server levels
  • Clear visual indicators of form ownership and security
Form Implementation Example

@github-actions github-actions bot added the 📦 ⛰️ gno.land Issues or PRs gno.land package related label Apr 5, 2025
@Gno2D2 Gno2D2 requested a review from gfanton April 5, 2025 12:46
@Gno2D2 Gno2D2 added the review/triage-pending PRs opened by external contributors that are waiting for the 1st review label Apr 5, 2025
@Gno2D2
Copy link
Collaborator

Gno2D2 commented Apr 5, 2025
edited
Loading

🛠 PR Checks Summary

All Automated Checks passed. ✅

Manual Checks (for Reviewers):
  • IGNORE the bot requirements for this PR (force green CI check)
Read More

🤖 This bot helps streamline PR reviews by verifying automated checks and providing guidance for contributors and reviewers.

✅ Automated Checks (for Contributors):

🟢 Maintainers must be able to edit this pull request (more info)
🟢 Changes related to gnoweb must be reviewed by its codeowners
🟢 Pending initial approval by a review team member, or review from tech-staff

☑️ Contributor Actions:
  1. Fix any issues flagged by automated checks.
  2. Follow the Contributor Checklist to ensure your PR is ready for review.
    • Add new tests, or document why they are unnecessary.
    • Provide clear examples/screenshots, if necessary.
    • Update documentation, if required.
    • Ensure no breaking changes, or include BREAKING CHANGE notes.
    • Link related issues/PRs, where applicable.
☑️ Reviewer Actions:
  1. Complete manual checks for the PR, including the guidelines and additional checks if applicable.
📚 Resources:
Debug
Automated Checks
Maintainers must be able to edit this pull request (more info)

If

🟢 Condition met
└── 🟢 And
    ├── 🟢 The base branch matches this pattern: ^master$
    └── 🟢 The pull request was created from a fork (head branch repo: alexiscolin/gno)

Then

🟢 Requirement satisfied
└── 🟢 Maintainer can modify this pull request
Changes related to gnoweb must be reviewed by its codeowners

If

🟢 Condition met
└── 🟢 And
    ├── 🟢 The base branch matches this pattern: ^master$
    └── 🟢 A changed file matches this pattern: ^gno.land/pkg/gnoweb/ (filename: gno.land/pkg/gnoweb/frontend/css/input.css)

Then

🟢 Requirement satisfied
└── 🟢 Or
    ├── 🟢 Or
    │   ├── 🟢 And
    │   │   ├── 🟢 Pull request author is user: alexiscolin
    │   │   └── 🟢 This user reviewed pull request: gfanton (with state "APPROVED")
    │   └── 🔴 And
    │       ├── 🔴 Pull request author is user: gfanton
    │       └── 🔴 This user reviewed pull request: alexiscolin (with state "APPROVED")
    └── 🔴 And
        ├── 🔴 Not (🟢 Pull request author is user: alexiscolin)
        ├── 🟢 Not (🔴 Pull request author is user: gfanton)
        └── 🟢 Or
            ├── 🔴 This user reviewed pull request: alexiscolin (with state "APPROVED")
            └── 🟢 This user reviewed pull request: gfanton (with state "APPROVED")
Pending initial approval by a review team member, or review from tech-staff

If

🟢 Condition met
└── 🟢 And
    ├── 🟢 The base branch matches this pattern: ^master$
    └── 🟢 Not (🔴 Pull request author is a member of the team: tech-staff)

Then

🟢 Requirement satisfied
└── 🟢 If
    ├── 🟢 Condition
    │   └── 🟢 Or
    │       ├── 🟢 At least 1 user(s) of the organization reviewed the pull request (with state "APPROVED")
    │       ├── 🟢 At least 1 user(s) of the team tech-staff reviewed pull request
    │       └── 🔴 This pull request is a draft
    └── 🟢 Then
        └── 🟢 And
            ├── 🟢 Not (🔴 This label is applied to pull request: review/triage-pending)
            └── 🟢 At least 1 user(s) of the team tech-staff reviewed pull request
Manual Checks
**IGNORE** the bot requirements for this PR (force green CI check)

If

🟢 Condition met
└── 🟢 On every pull request

Can be checked by

  • Any user with comment edit permission

github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 5, 2025
View reviewed changes
@codecov Codecov
Copy link

codecov bot commented Apr 5, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 73.93365% with 55 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
gno.land/pkg/gnoweb/markdown/ext_forms.go 81.87% 27 Missing and 4 partials ⚠️
gno.land/pkg/gnoweb/handler.go 17.24% 24 Missing ⚠️

📢 Thoughts on this report? Let us know!

@alexiscolin alexiscolin marked this pull request as draft April 5, 2025 12:50
@Gno2D2 Gno2D2 removed the review/triage-pending PRs opened by external contributors that are waiting for the 1st review label Apr 5, 2025
@alexiscolin alexiscolin added the 🌍 gnoweb Issues & PRs related to gnoweb and render label Apr 5, 2025
@alexiscolin alexiscolin changed the title WIP(gnoweb): form - input extension feat(gnoweb): form - input md extension Apr 7, 2025
@alexiscolin alexiscolin marked this pull request as ready for review April 7, 2025 08:25
@alexiscolin alexiscolin marked this pull request as draft April 7, 2025 08:25
moul
moul reviewed Jun 3, 2025
View reviewed changes
leohhhn added a commit that referenced this pull request Jun 5, 2025
@leohhhn
feat(examples): make /r/gnoland/coins better (#4306)
47d4498 
## Description

Adds more features to the realm, such as a full balance page, an option
to search with a cosmos address that gets converted to a `g1..`
automatically.

dep on: #4325, #4326 

todo: 
- [x] fix realm-issued coin denom case ie
`/gno.land/r/gnoland/coins:zeoncoin`
- [x] add tests
- [ ] when #4061 is merged, add the form to the convert page
gfanton
gfanton reviewed Jun 20, 2025
View reviewed changes
@alexiscolin alexiscolin requested a review from gfanton June 22, 2025 03:17
@zivkovicmilos
Copy link
Member

@alexiscolin checking 🙏

zivkovicmilos
zivkovicmilos approved these changes Jun 23, 2025
View reviewed changes
Copy link
Member

@zivkovicmilos zivkovicmilos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good 💯

@zivkovicmilos
Copy link
Member

@mvertes

I think you can provide the best feedback on this in the future (out of the scope for the PR), but this parser design we use for the tokens feels like it could use a bit of love. I'm not a huge fan of the current API, maybe we can improve it in the future -- just something to keep in mind 🙏

@zivkovicmilos zivkovicmilos merged commit dfe083b into gnolang:master Jun 23, 2025
71 of 72 checks passed
@github-project-automation github-project-automation bot moved this from In Progress to Done in 💪 Bounties & Worx Jun 23, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@moul moul moul left review comments

@zivkovicmilos zivkovicmilos zivkovicmilos approved these changes

@leohhhn leohhhn leohhhn approved these changes

@gfanton gfanton gfanton approved these changes

Assignees

@alexiscolin alexiscolin

Labels
🌍 gnoweb Issues & PRs related to gnoweb and render 📦 ⛰️ gno.land Issues or PRs gno.land package related 🧾 package/realm Tag used for new Realms or Packages.
Projects
💪 Bounties & Worx
Status: Done
🧙‍♂️gno.land core team
Status: Done
Milestone
🚀 Mainnet beta launch
Development

Successfully merging this pull request may close these issues.
8 participants
@alexiscolin @Gno2D2 @notJoon @leohhhn @Kouteki @zivkovicmilos @moul @gfanton