Comments (20)
Just a quick question before I start fixing these. What issues does this cause? When do you want to preserve line breaks on the rendered output?
from riot.
It doesn’t matter whether they’re preserved, but they certainly shouldn’t break anything.
from riot.
I’ll amend that to say it doesn’t usually matter. People have their reasons. It’s not much trouble to escape them either way.
from riot.
And in various situations involving backslashes, too.
from riot.
This is not fixed. \n
is not \u2028
. Why did you bother using a second regular expression at all?
I am also pretty sure this was fixed ages ago, with a test. What happened?
from riot.
Ah, what the heck, I don’t care anymore. The direction your template engine has taken is slightly nauseating. Maybe more than slightly.
’Bye.
from riot.
Sorry, what should I use as the replacement for \u2028
and \u2029
?
Nauseating? What do you mean precisely? What's the issue and how would you fix it?
Two things that are valued on Riot:
- extreme performance
- small file size
I think those two are met on the current template engine.
from riot.
I've pretty much come to the conclusion that escaping these is worthless, and the issue is a troll because:
- It only affects template authors, developers who are fully capable of keeping these characters out of their templates.
- The actual characters themselves display nothing in HTML.
I'm happy to be proven wrong though...
from riot.
Makes perfect sense to me. I'm happy to remove \u2028/9 escapes from the code.
@rminty, what is your reponse to this?
from riot.
Yup, cannot see any reasons why developer would use \u2028/9 characters on templates. A crazy edge case that need not to be addressed. Curious why @rminty was so obsessed with this.
from riot.
Nauseating? What do you mean precisely? What's the issue and how would you fix it?
The fact that you’re moving away from security and consistency in the template engine by:
- Making escaping not the default
- Making edge cases that had been previously fixed fail just because you can’t see a reason for them
- Sacrificing performance and robustness for some warped sense of convenience by squashing all errors involved in accessing a property for whatever reason
To answer your question:
Cool. Mind giving solutions?
Yes, I now mind giving solutions. I gave solutions, they got implemented, and you’ve somehow gone backwards from there. Silently removing test cases instead of fixing your code? Really?
I've pretty much come to the conclusion that escaping these is worthless, and the issue is a troll because:
This is another reason why I’m tired of helping. Yawn.
from riot.
Oops, missed a part.
Sorry, what should I use as the replacement for
\u2028
and\u2029
?
How about… \u2028
and \u2029
?
from riot.
@rminty looks like you are missing the point here: \u2028
and \u2029
characters on templates are not valid use cases. There is no reason to tests for cases that are never used. This is especially important for Riot where code size is critical. You are taking an extreme use case and making it a major issue.
I can also see you are being upset about the comments here which made your comments emotional and harsh. I'm sorry you feel that way. Hope you can help on other areas in future.
from riot.
The thing is, it looks like you’re going out of your way to make them not work. They were already working, and there is already an escape map; adding the second regular expression that silently changes a pair of completely valid characters makes it:
- longer
- incorrect
If you’re truly aiming for a lean template engine, drop it all together and let an actual error happen. The error will be confusing, but at least less confusing than a squash-all-errors policy. Same thing for the try
. Did you benchmark it? It’s longer, slower, and makes mistakes pass uncaught (ironically enough).
This template engine that I built has accurate escaping and loops and recursion and things and it actually ends up smaller than Riot when the Node parts are stripped out and it’s minified. Maybe you can take inspiration from it. It’s pretty fast.
from riot.
The purpose of try
is to enable nested object access {x.y.z}
. Rendering should not break if y
does not exist. It's not perfect but it's the best I know so far. I'm all open to suggestions here!
btw: I just realized that the try block should not be the outmost block and it should be done per property. Unfortunately it slows down a lot. Clearly an area for improvements.
from riot.
Rendering should not break if
y
does not exist.
Yeah, it should! When is this not a mistake? That is a worse policy than PHP-style error handling. It is less intuitive than Jinja.
If you’re really attached, though:
function squashPropertyChain(name) {
var parts = name.split('.');
return '(' + parts.map(function (part, i) {
return parts.slice(0, i + 1).join('.') + ' != null';
}).join(' && ') + ' ? ' + name + ' : "")';
}
from riot.
Or, if you can guarantee a free variable name (_
here; more effort), this might be more efficient and should also play nicely with getters… not that anyone will use those:
function squashPropertyChain(name) {
var parts = name.split('.');
return '((_ = ' + parts[0] + ') != null' + parts.slice(1).map(function (part) {
return ' && (_ = _.' + part + ') != null';
}).join('') + ' ? _ : "")';
}
I don’t like this code as much, though.
from riot.
Hmm... I suppose I could remove that try block and let bad property access throw an error. Good point, thanks. @andyvanee what is your thought on this?
As an alternative I'd personally use something like this (pseudo code)
return name.indexOf(".") > 0 ? /* try block here */ : _.$1
from riot.
Yeah, that try
is definitely in the wrong spot.
I'm not opposed to letting it throw an error, but it should be consistent. It was returning an empty string for {x}
, so it seemed to make sense to do the same for {x.y}
. This is what mustache (and it's descendants) do, but many others will throw errors or have that as a configuration option.
When is this not a mistake?
I'm coming around to this point of view, especially in the context that riot seems to require.
The mustache technique is good if the rendered template is purely display. For example, rendering from some 3rd party json that you don't control. But if you are taking the data from a rendered template, watching it and feeding it back into your app, it only makes sense to throw an exception.
from riot.
I'll remove the try block in v1.0.1. Thank you guys!
from riot.
Related Issues (20)
- Using :is(a, b) selector in style tag breaks HOT 11
- handling spaces around expressions HOT 1
- Multiple nested slot reference errors? HOT 6
- Text-Field value update error HOT 1
- if-statement in <svg> tag error HOT 3
- embedded CSS regression riot@5 to riot@6 and later HOT 4
- Using riot components in an Angular application HOT 4
- The draggable attribute isn't handled right HOT 7
- "each" directive behavior when you modify the DOM directly HOT 2
- Class merge not working as expected HOT 3
- Spread operator merges new props object with the old one
- question: Dynamically introducing child-components HOT 2
- ":host" bug in css selector HOT 2
- Double rendering on some components HOT 3
- Strange compile issue HOT 3
- .unmount() doesn't work with this.root.innerHTML HOT 3
- regression 7.x-->9.x [update() inside of onMounted()] HOT 4
- the 9.1.0 version route.js can't download HOT 1
- In-browser compilation with spaces after opening { bracket HOT 2
- Fix saucelabs test HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from riot.