Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Custom actions are triggered on hover (not click!) in 3.2 #3701

Open
MichaelHoste opened this issue Sep 27, 2024 · 0 comments
Open

Custom actions are triggered on hover (not click!) in 3.2 #3701

MichaelHoste opened this issue Sep 27, 2024 · 0 comments

Comments

@MichaelHoste
Copy link

Hi there, we found what we think is a very serious issue in the 3.2 release.

Describe the bug

It seems that with this new release, when a link is hovered, the linked page is preloaded in the background. Maybe it's a new default behavior of turbo-rails?

The issue is that it also preloads custom actions ⚠️

As you may have guessed, custom actions are usually destructive actions (remove user, charge payment, cancel payment, etc.) and these destructive actions are now triggered silently just by hovering the button.

Reproduction steps

Here is what happened to us (luckily in staging!), users were silently removed just by hovering a button:

Screen.Recording.2024-09-27.at.11.51.38.mov

Expected behavior

Is it really useful to preload every hovered link?
I guess we should at least disable this behavior from custom actions.

Additional context

  • rails version: 7.0.8.4
  • rails_admin version: 3.2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MichaelHoste