You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@couchdb.apache.org by Roger Binns <ro...@rogerbinns.com> on 2009/12/03 22:13:09 UTC
Javascript templating for shows/lists
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Can anyone recommend Javascript templating engines that can be used within
the CouchDB server side for implementing shows and lists? The Sofa weblog
app (also described in the book) uses a nice small one from John Resig.
Book section:
http://books.couchdb.org/relax/design-documents/shows#Using%20Templates
Engine:
http://ejohn.org/blog/javascript-micro-templating
I am looking for something a little more complex such as handling
conditionals and automatically HTML escaping all values unless told
otherwise for specific ones (ie make XSS harder to happen accidentally).
I can find several engines that will only run in the browser, or depend on a
DOM being present, or load the templates from a URL, or require a complete
HTML document to be present in the template (lists build row by row). These
are all deal breakers. Some are many kilobytes of code and require other
libraries such as jQuery. Will this much code be a problem for show/list usage?
My plan is for the output to be somewhat plain but functional - ie usable on
a mobile phone. Then client side Javascript runs and adds functionality,
increases information detail, improves formatting etc. An example of this
in sofa is that the CouchDB side formatting provides dates in output which
client side Javascript then reformats and the client side also knows what
the local timezone is. Similarly client side javascript can add in icons,
previews of next items, tooltips etc. This all points to a simpler CouchDB
server side templating engine.
I'll summarise responses in the wiki.
Roger
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAksYKeIACgkQmOOfHg372QTh2ACeK4yirwjIqvlEaXx+ki6tegLM
/PcAn0SVnuFHFhkl0TWwUDYoWIXH6oAy
=jc5m
-----END PGP SIGNATURE-----
Re: Javascript templating for shows/lists
Posted by Karl Guertin <gr...@gmail.com>.
On Thu, Dec 3, 2009 at 4:55 PM, Zachary Zolton <za...@gmail.com> wrote:
> Mustache.js, by the CouchDB dev team's very own Jan Lehnardt:
> http://github.com/janl/mustache.js
I actually really like this one but it's a bit pure. I have some half
finished hacks to add attribute access and filters.
If you're looking for more options, there's an extended discussion of
templating languages going on in both the CommonJS and the node.js
lists:
CommonJS:
http://groups.google.com/group/commonjs/browse_thread/thread/3783f2112fa3fb4
node:
http://groups.google.com/group/nodejs/browse_thread/thread/b5bf7b7cf094b358
--
Looking for a job. Hire me!
Re: Javascript templating for shows/lists
Posted by Zachary Zolton <za...@gmail.com>.
Mustache.js, by the CouchDB dev team's very own Jan Lehnardt:
http://github.com/janl/mustache.js
This one is an all-around JavaScript utility library:
http://documentcloud.github.com/underscore/#template
This could be something to watch:
http://github.com/lmorchard/jquery-tal-template
On Thu, Dec 3, 2009 at 3:25 PM, Rhett Sutphin <rh...@detailedbalance.net> wrote:
> Hi Roger,
>
> On Dec 3, 2009, at 3:13 PM, Roger Binns wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Can anyone recommend Javascript templating engines that can be used within
>> the CouchDB server side for implementing shows and lists? The Sofa weblog
>> app (also described in the book) uses a nice small one from John Resig.
>>
>> Book section:
>> http://books.couchdb.org/relax/design-documents/shows#Using%20Templates
>>
>> Engine:
>> http://ejohn.org/blog/javascript-micro-templating
>>
>> I am looking for something a little more complex such as handling
>> conditionals and automatically HTML escaping all values unless told
>> otherwise for specific ones (ie make XSS harder to happen accidentally).
>
> You can do conditionals in Resig's microtemplates -- they work sort of like ERB, if you've used that:
>
> <% if (o.foo) { %>
> Foo is true-ish
> <% } else { %>
> Foo is not true-ish
> <% } %>
>
> Automatic HTML escaping might be possible, but you would have to modify the template engine.
>
> Rhett
>
>>
>> I can find several engines that will only run in the browser, or depend on a
>> DOM being present, or load the templates from a URL, or require a complete
>> HTML document to be present in the template (lists build row by row). These
>> are all deal breakers. Some are many kilobytes of code and require other
>> libraries such as jQuery. Will this much code be a problem for show/list usage?
>>
>> My plan is for the output to be somewhat plain but functional - ie usable on
>> a mobile phone. Then client side Javascript runs and adds functionality,
>> increases information detail, improves formatting etc. An example of this
>> in sofa is that the CouchDB side formatting provides dates in output which
>> client side Javascript then reformats and the client side also knows what
>> the local timezone is. Similarly client side javascript can add in icons,
>> previews of next items, tooltips etc. This all points to a simpler CouchDB
>> server side templating engine.
>>
>> I'll summarise responses in the wiki.
>>
>> Roger
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.9 (GNU/Linux)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>>
>> iEYEARECAAYFAksYKeIACgkQmOOfHg372QTh2ACeK4yirwjIqvlEaXx+ki6tegLM
>> /PcAn0SVnuFHFhkl0TWwUDYoWIXH6oAy
>> =jc5m
>> -----END PGP SIGNATURE-----
>
>
Re: Javascript templating for shows/lists
Posted by Rhett Sutphin <rh...@detailedbalance.net>.
Hi Roger,
On Dec 3, 2009, at 3:13 PM, Roger Binns wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Can anyone recommend Javascript templating engines that can be used within
> the CouchDB server side for implementing shows and lists? The Sofa weblog
> app (also described in the book) uses a nice small one from John Resig.
>
> Book section:
> http://books.couchdb.org/relax/design-documents/shows#Using%20Templates
>
> Engine:
> http://ejohn.org/blog/javascript-micro-templating
>
> I am looking for something a little more complex such as handling
> conditionals and automatically HTML escaping all values unless told
> otherwise for specific ones (ie make XSS harder to happen accidentally).
You can do conditionals in Resig's microtemplates -- they work sort of like ERB, if you've used that:
<% if (o.foo) { %>
Foo is true-ish
<% } else { %>
Foo is not true-ish
<% } %>
Automatic HTML escaping might be possible, but you would have to modify the template engine.
Rhett
>
> I can find several engines that will only run in the browser, or depend on a
> DOM being present, or load the templates from a URL, or require a complete
> HTML document to be present in the template (lists build row by row). These
> are all deal breakers. Some are many kilobytes of code and require other
> libraries such as jQuery. Will this much code be a problem for show/list usage?
>
> My plan is for the output to be somewhat plain but functional - ie usable on
> a mobile phone. Then client side Javascript runs and adds functionality,
> increases information detail, improves formatting etc. An example of this
> in sofa is that the CouchDB side formatting provides dates in output which
> client side Javascript then reformats and the client side also knows what
> the local timezone is. Similarly client side javascript can add in icons,
> previews of next items, tooltips etc. This all points to a simpler CouchDB
> server side templating engine.
>
> I'll summarise responses in the wiki.
>
> Roger
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAksYKeIACgkQmOOfHg372QTh2ACeK4yirwjIqvlEaXx+ki6tegLM
> /PcAn0SVnuFHFhkl0TWwUDYoWIXH6oAy
> =jc5m
> -----END PGP SIGNATURE-----
Re: Javascript templating for shows/lists
Posted by Benoit Chesneau <bc...@gmail.com>.
mustache or embededjs.
On Thu, Dec 3, 2009 at 10:13 PM, Roger Binns <ro...@rogerbinns.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Can anyone recommend Javascript templating engines that can be used within
> the CouchDB server side for implementing shows and lists? The Sofa weblog
> app (also described in the book) uses a nice small one from John Resig.
>
> Book section:
> http://books.couchdb.org/relax/design-documents/shows#Using%20Templates
>
> Engine:
> http://ejohn.org/blog/javascript-micro-templating
>
> I am looking for something a little more complex such as handling
> conditionals and automatically HTML escaping all values unless told
> otherwise for specific ones (ie make XSS harder to happen accidentally).
>
> I can find several engines that will only run in the browser, or depend on a
> DOM being present, or load the templates from a URL, or require a complete
> HTML document to be present in the template (lists build row by row). These
> are all deal breakers. Some are many kilobytes of code and require other
> libraries such as jQuery. Will this much code be a problem for show/list usage?
>
> My plan is for the output to be somewhat plain but functional - ie usable on
> a mobile phone. Then client side Javascript runs and adds functionality,
> increases information detail, improves formatting etc. An example of this
> in sofa is that the CouchDB side formatting provides dates in output which
> client side Javascript then reformats and the client side also knows what
> the local timezone is. Similarly client side javascript can add in icons,
> previews of next items, tooltips etc. This all points to a simpler CouchDB
> server side templating engine.
>
> I'll summarise responses in the wiki.
>
> Roger
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAksYKeIACgkQmOOfHg372QTh2ACeK4yirwjIqvlEaXx+ki6tegLM
> /PcAn0SVnuFHFhkl0TWwUDYoWIXH6oAy
> =jc5m
> -----END PGP SIGNATURE-----
>
Re: Javascript templating for shows/lists
Posted by Roger Binns <ro...@rogerbinns.com>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Vlad GURDIGA wrote:
> Did anyone try E4X?
I mention it in the wiki page in the first paragraph as useful for XML based
formats. (The book also refers to using it for generating Atom).
http://wiki.apache.org/couchdb/Generating%20HTML%20from%20Javascript%20shows%20and%20lists
I've added Google's Closure to the list as it has an interesting approach of
ahead of time compilation to Javascript code. (The goal isn't to list every
possible engine but rather a small handful that would be useful to the kind
of people consulting the wiki page for recommendations, and that are known
to work right now.)
Thanks to Nathan I found the attachment to EJS is because it also includes
helper functions that generate the HTML wrapping tags for you. I've
mentioned that in the "Best Practises" section. (Its code for doing this is
in a separate file confusing named views.js and can be used with the other
engines that do not do HTML escaping, with minor tweaking.)
I've tried to get EJS to work. The exact same code and template applied on
a fresh Fedora 12 install results in a single space being returned (as
opposed to an regex error on Ubuntu 9.10). Changing the template didn't
change what was returned. An older EJS version had the same regex error
problem on Ubuntu.
I've yet to hear from anyone what the bugs in Resig's micro-templating
actually are, other than the obvious one that it isn't supported and has no
way of reporting bugs!
Finally I think it is bad idea for the CouchDB book to be using Resig's
micro-templating. (My being uncomfortable with it is why I started this
thread and wiki page.) In addition to the claims of bugs and its lack of
support, not HTML escaping by default sets a bad precedent. Developers new
to CouchDB are likely to follow the book's example and then end up with HTML
output that is prone to XSS attacks or just plain invalid. As CouchDB gets
more popular, I'd hate for there to be a perception that apps using it
generally tend to be broken or are good places to hunt for XSS attacks.
Roger
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAksaHLcACgkQmOOfHg372QSmuACg232OJt3gbnjQCj+UbpX5/D5J
R7IAn3uzNcsBhkcp1aT29v92CDQ5hOmC
=86F+
-----END PGP SIGNATURE-----
Re: Javascript templating for shows/lists
Posted by Vlad GURDIGA <gu...@gmail.com>.
Did anyone try E4X?
I'm not sure it counts here, but it is kinda working* for me so far...
* http://github.com/gurdiga/cozy
On Thu, Dec 3, 2009 at 11:13 PM, Roger Binns <ro...@rogerbinns.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Can anyone recommend Javascript templating engines that can be used within
> the CouchDB server side for implementing shows and lists? The Sofa weblog
> app (also described in the book) uses a nice small one from John Resig.
>
> Book section:
> http://books.couchdb.org/relax/design-documents/shows#Using%20Templates
>
> Engine:
> http://ejohn.org/blog/javascript-micro-templating
>
> I am looking for something a little more complex such as handling
> conditionals and automatically HTML escaping all values unless told
> otherwise for specific ones (ie make XSS harder to happen accidentally).
>
> I can find several engines that will only run in the browser, or depend on a
> DOM being present, or load the templates from a URL, or require a complete
> HTML document to be present in the template (lists build row by row). These
> are all deal breakers. Some are many kilobytes of code and require other
> libraries such as jQuery. Will this much code be a problem for show/list usage?
>
> My plan is for the output to be somewhat plain but functional - ie usable on
> a mobile phone. Then client side Javascript runs and adds functionality,
> increases information detail, improves formatting etc. An example of this
> in sofa is that the CouchDB side formatting provides dates in output which
> client side Javascript then reformats and the client side also knows what
> the local timezone is. Similarly client side javascript can add in icons,
> previews of next items, tooltips etc. This all points to a simpler CouchDB
> server side templating engine.
>
> I'll summarise responses in the wiki.
>
> Roger
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAksYKeIACgkQmOOfHg372QTh2ACeK4yirwjIqvlEaXx+ki6tegLM
> /PcAn0SVnuFHFhkl0TWwUDYoWIXH6oAy
> =jc5m
> -----END PGP SIGNATURE-----
>
Re: Javascript templating for shows/lists
Posted by Nathan Stott <nr...@gmail.com>.
I second what Benoit said. EJS works great. I use it a lot. It does way
more than Resig's simple templating.
On Fri, Dec 4, 2009 at 8:38 AM, Yohei Sasaki <ys...@gmail.com> wrote:
> Hi,
>
> I'm from Rails to Couch. I use embeddedjs, too, because it is similar to
> ERB.
>
> >Also no idea if it does html escaping of values - examining
> >code leads me to believe it does not.
>
> I think so, and I started to develop the library like ActionView.
> http://github.com/yssk22/crayon
>
> This library enables you to write as followings:
>
> <%= h(var) %>
> <%= text_field(doc, "path-to-field") %>
>
> Thanks.
>
> --
> Yohei Sasaki
> http://www.yssk22.info/
>
> On 2009/12/04, at 17:30, Roger Binns wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Benoit Chesneau wrote:
> >> embeddedjs works well here... which crash did you have ?
> >
> > It is probably versioning or something. The error text is:
> >
> > JavaScript function raised error: TypeError: regex.exec is not a
> function
> >
> > I'm using CouchDB 0.10.0 on Ubuntu 9.10. Embeddedjs doesn't look too
> > promising anyway. It is just Javascript embedded in text, but John
> Resig's
> > code can do that too (and with way less code). I do like the error
> > reporting (line number and details) although that seems unlikely to work
> > server side. Also no idea if it does html escaping of values - examining
> > code leads me to believe it does not.
> >
> > Roger
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.9 (GNU/Linux)
> > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> >
> > iEYEARECAAYFAksYyK0ACgkQmOOfHg372QQ82gCgr/9Gol0FLyDDGRcHyJW9qvjV
> > zcUAn3kvWoBf9nc+E0TJLmyJUP95LcCo
> > =/lQ6
> > -----END PGP SIGNATURE-----
>
>
Re: Javascript templating for shows/lists
Posted by Zachary Zolton <za...@gmail.com>.
Note that Rails has also changed to escaping by default:
http://weblog.rubyonrails.org/2009/10/12/what-s-new-in-edge-rails
On Fri, Dec 4, 2009 at 4:02 PM, Roger Binns <ro...@rogerbinns.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>> http://github.com/yssk22/crayon
>>
>> This library enables you to write as followings:
>>
>> <%= h(var) %>
>> <%= text_field(doc, "path-to-field") %>
>
> embeddedjs includes a views.js file that adds something similar.
>
> My concern about escaping is over simple values. For example if someone
> specifies something like this in a template.
>
> <%= title %>
>
> If the value is not HTML escaped by default then it is a potential source of
> XSS attacks. In the vast majority of cases values should be HTML escaped.
> A separate mechanism can then be used to stop escaping (for example Mustache
> uses different tags and the Python Genshi templating system wraps the value
> in a different class).
>
> Roger
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAksZhv4ACgkQmOOfHg372QSUVgCeNqUJn02nvDkmDElF0z6dOwix
> kaUAoI1C3us4P07CuBAy//OLa/pmI4pt
> =72DE
> -----END PGP SIGNATURE-----
>
Re: Javascript templating for shows/lists
Posted by Roger Binns <ro...@rogerbinns.com>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> http://github.com/yssk22/crayon
>
> This library enables you to write as followings:
>
> <%= h(var) %>
> <%= text_field(doc, "path-to-field") %>
embeddedjs includes a views.js file that adds something similar.
My concern about escaping is over simple values. For example if someone
specifies something like this in a template.
<%= title %>
If the value is not HTML escaped by default then it is a potential source of
XSS attacks. In the vast majority of cases values should be HTML escaped.
A separate mechanism can then be used to stop escaping (for example Mustache
uses different tags and the Python Genshi templating system wraps the value
in a different class).
Roger
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAksZhv4ACgkQmOOfHg372QSUVgCeNqUJn02nvDkmDElF0z6dOwix
kaUAoI1C3us4P07CuBAy//OLa/pmI4pt
=72DE
-----END PGP SIGNATURE-----
Re: Javascript templating for shows/lists
Posted by Yohei Sasaki <ys...@gmail.com>.
Hi,
I'm from Rails to Couch. I use embeddedjs, too, because it is similar to ERB.
>Also no idea if it does html escaping of values - examining
>code leads me to believe it does not.
I think so, and I started to develop the library like ActionView.
http://github.com/yssk22/crayon
This library enables you to write as followings:
<%= h(var) %>
<%= text_field(doc, "path-to-field") %>
Thanks.
--
Yohei Sasaki
http://www.yssk22.info/
On 2009/12/04, at 17:30, Roger Binns wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Benoit Chesneau wrote:
>> embeddedjs works well here... which crash did you have ?
>
> It is probably versioning or something. The error text is:
>
> JavaScript function raised error: TypeError: regex.exec is not a function
>
> I'm using CouchDB 0.10.0 on Ubuntu 9.10. Embeddedjs doesn't look too
> promising anyway. It is just Javascript embedded in text, but John Resig's
> code can do that too (and with way less code). I do like the error
> reporting (line number and details) although that seems unlikely to work
> server side. Also no idea if it does html escaping of values - examining
> code leads me to believe it does not.
>
> Roger
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAksYyK0ACgkQmOOfHg372QQ82gCgr/9Gol0FLyDDGRcHyJW9qvjV
> zcUAn3kvWoBf9nc+E0TJLmyJUP95LcCo
> =/lQ6
> -----END PGP SIGNATURE-----
Re: Javascript templating for shows/lists
Posted by Roger Binns <ro...@rogerbinns.com>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Benoit Chesneau wrote:
> Well json resig code is buggy and give less features than embededjs.
What are the bugs in the Resig implementation? (I'll mention them in the
wiki.) Your comment also highlights the biggest problem with it - there is
no bug tracker or development/test/release process behind it, as it is more
a proof of concept.
> Anyway if you don't want logic in templates
I'm averse to having Javascript in the templates. You can see the evolution
of templating in other scripting languages.
> maybe underscore
Underscore is in the same family as Resig and embeddedjs - Javascript code
in the markup.
> though I really don't like having things starting
> with a "_" which is against some common usages.
I guess we have JQuery to blame for popularising the punctuation character
approach
> Also have a look on closure which may be interesting too.
- From reading the docs it looks like it should work. Having a compilation to
Javascript is nice for debugging since you'll find out about syntax errors
at compile time rather than run time. I'll add this one to the wiki once I
get time to install Java etc.
Roger
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAksZhF8ACgkQmOOfHg372QT0cACfSXeQNvEaEUWAw3thyZbDT+ur
ZGgAnjpYiIxOaEVlW6RJ04bwpQvxgRRu
=Muw5
-----END PGP SIGNATURE-----
Re: Javascript templating for shows/lists
Posted by Benoit Chesneau <bc...@gmail.com>.
On Fri, Dec 4, 2009 at 9:30 AM, Roger Binns <ro...@rogerbinns.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Benoit Chesneau wrote:
>> embeddedjs works well here... which crash did you have ?
>
> It is probably versioning or something. The error text is:
>
> JavaScript function raised error: TypeError: regex.exec is not a function
>
> I'm using CouchDB 0.10.0 on Ubuntu 9.10. Embeddedjs doesn't look too
> promising anyway. It is just Javascript embedded in text, but John Resig's
> code can do that too (and with way less code). I do like the error
> reporting (line number and details) although that seems unlikely to work
> server side. Also no idea if it does html escaping of values - examining
> code leads me to believe it does not.
>
> Roger
Well json resig code is buggy and give less features than embededjs.
Anyway if you don't want logic in templates so indeed mustache or
maybe underscore though I really don't like having things starting
with a "_" which is against some common usages. Also have a look on
closure which may be interesting too.
- benoît
Re: Javascript templating for shows/lists
Posted by Roger Binns <ro...@rogerbinns.com>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Benoit Chesneau wrote:
> embeddedjs works well here... which crash did you have ?
It is probably versioning or something. The error text is:
JavaScript function raised error: TypeError: regex.exec is not a function
I'm using CouchDB 0.10.0 on Ubuntu 9.10. Embeddedjs doesn't look too
promising anyway. It is just Javascript embedded in text, but John Resig's
code can do that too (and with way less code). I do like the error
reporting (line number and details) although that seems unlikely to work
server side. Also no idea if it does html escaping of values - examining
code leads me to believe it does not.
Roger
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAksYyK0ACgkQmOOfHg372QQ82gCgr/9Gol0FLyDDGRcHyJW9qvjV
zcUAn3kvWoBf9nc+E0TJLmyJUP95LcCo
=/lQ6
-----END PGP SIGNATURE-----
Re: Javascript templating for shows/lists
Posted by Benoit Chesneau <bc...@gmail.com>.
On Fri, Dec 4, 2009 at 9:06 AM, Roger Binns <ro...@rogerbinns.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>> I'll summarise responses in the wiki.
>
> Thanks for the comments - the wiki is now updated (I actually tried each one
> to verify they work as well as how hard they make XSS).
> http://wiki.apache.org/couchdb/Generating%20HTML%20from%20Javascript%20shows%20and%20lists
>
> mustache.js is the clear best. embeddedjs crashes in regex code. The
> discussions were interesting. I had separately found PURE but it requires
> porting to work server side and is in a flux between version 1 and 2.
>
embeddedjs works well here... which crash did you have ?
- benoît
Re: Javascript templating for shows/lists
Posted by Roger Binns <ro...@rogerbinns.com>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> I'll summarise responses in the wiki.
Thanks for the comments - the wiki is now updated (I actually tried each one
to verify they work as well as how hard they make XSS).
http://wiki.apache.org/couchdb/Generating%20HTML%20from%20Javascript%20shows%20and%20lists
mustache.js is the clear best. embeddedjs crashes in regex code. The
discussions were interesting. I had separately found PURE but it requires
porting to work server side and is in a flux between version 1 and 2.
Roger
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAksYwvEACgkQmOOfHg372QQQtgCfSGRjFqOvvLCEqjgU9oORxhTn
uxgAoI7fcgwtyiIRbdsyp7LXBPnCXhuC
=tk0I
-----END PGP SIGNATURE-----