THT is in early Beta. We welcome contributors & feedback.


Web.tempGetInput(method, inputName, inputType = 'token')


TemporaryThis method will be removed when a more complete form-handling solution is added.

Get an input value submitted by the user, via form (POST) or URL query string (GET).

inputName corresponds to the name attribute of the form field.

method can be get or post.

// Example GET
// URL:

let query = Web.tempGetInput('get', 'topicId', 'id');
//= 1234

// Example POST from a form
let userId  = Web.tempGetInput('post', 'userId', 'id');
let subject = Web.tempGetInput('post', 'commentTitle', 'text');
let comment = Web.tempGetInput('post', 'commentBody', 'textarea');

Input Types

Values that do not pass validation for the given inputType are returned as an empty string ''.

inputType can be any one of the following:

    Allowed: letters & digits (a-z A-Z 0-9)
    Examples: 'a52ba452', 'july', 'myUserName'
    Max Length: 64

    Allowed: digits (0-9)
    Examples: 12345
    Max Length: 8

    Allowed: digits & number symbols/separators (0-9 - . , ')
    Examples: 23, -1, 2.345, 1,000 
    Max Length: 10

    Allowed: ____@____.___
    Max Length: 80

    Allowed: true | false | 1 | 0

text (one line of text)
    Transforms: strip HTML tags, newlines to spaces
    Max Length: 120

textarea (multiple lines of text)
    Transforms: strip HTML tags, crunch whitespace
    Max Length: none

    Raw value with no validation.


Cross-origin requests are not allowed for non-GET requests, because they can be used in Cross-Site Request Forgery (CSRF) attacks.

If you must get input from cross-origin requests, set method to dangerDangerRemote.