in reply to Pass hard coded param CGI post
>"hard coded"
Back in my day, we called these hidden form elements.
<form action="/cgi-bin/delete.pl" method="POST" accept-charset="UTF-8" +> <div class="form-group"> <label for="id"> Your token</label> <input id="id" name="token" type="text" class="form-control" reado +nly > </div> <div class="form-group"> <input type="hidden" name="key" value="gfgf"> <input type="hidden" name="usr" value="rob"> <button name="submit" type="submit" class="btn btn-primary">Delete< +/button> </div> </form>
Fortunately, we've learned a few things since then, like:
- Send values via method=POST so you don't broadcast your values in the action URL even when using SSL/TLS
- .cgi is a pain to maintain (use Dancer2 or Mojo)
- this pattern of HTML form + cgi processor is inferior to using a modern JavaScript async call to send the data to a RESTful API endpoint (like /cgi-bin/rob/gfgf with method=DELETE, encoded as application/json
To answer your question about what is happening? The browser is resetting the query part of your action (when method=GET, adding only the named form elements to the call to action and stupidly dropping what's in there. I am sure I had actions with query params in them once upon a time, and I don't recall the query string being fully replaced. But in any case, that's what's happening. I bet if you set method=POST and kept that action it would retain your query params. But use the <input type="hidden"..., that's what it's for.
In Section
Seekers of Perl Wisdom