subject:"Re\: \[Lift\] Re\: NodeSeq to JsExp how to\?"

Re: [Lift] Re: NodeSeq to JsExp how to?

2010-03-09 Thread Ross Mellgren

That's why I factored this as a JQueryNodeSeq, so you can pass anything to 
dialog (I've used JQuery, and figured you'd need to pass something in there ;-)

JQueryNodeSeq(ns) ~ JsFunc(dialog, JsObj(autoOpen - JsTrue, width - 
500, ..., close - AnonFunc(JsVal(this) ~ JsFunc(destroy

 case class JQueryNodeSeq(ns: NodeSeq) extends JsExp with JQueryLeft with 
 HtmlFixer {
JsExp is the basic trait of the JavaScript DSL. Anything that can go into a 
JavaScript expression should have this trait.
JQueryLeft is a trait used by the JQuery portion of the JavaScript DSL to 
indicate that you can chain JQuery calls onto this.
HtmlFixer is a trait that provides fixHtml

override def toJsCmd = jQuery( + JsStr(fixHtml(NodeSeqDialog, 
 ns)).toJsCmd + )

fixHtml takes the given NodeSeq and does all the appropriate magics to process 
lift: tags and then converts the NodeSeq to valid XHTML.

 }

And don't forget the security implications!

Hope that helps,
-Ross


On Mar 9, 2010, at 12:30 PM, Stuart Roebuck wrote:

 Thanks for that amazingly quick response!
 
 I only wish I understood the proposed solution! :-)
 
 So (confession time) I simplified things a little, the actual
 JavaScript is…
 
 var theDialog = $(…).dialog( { autoOpen: true, width: 500, modal:
 true, close: function() { theDialog.destroy; }; } )
 
 How do I assemble this, or is there any documentation / examples you
 can point me to.
 
 Thanks very much,
 
 Stuart.
 
 On Mar 9, 5:14 pm, Ross Mellgren dri...@gmail.com wrote:
 Whoops, I meant Str(fixHtml(...)) not JsStr(fixHtml(...))
 
 -Ross
 
 On Mar 9, 2010, at 12:14 PM, Ross Mellgren wrote:
 
 
 
 Try this (I haven't tested it, so there could be lurking bugs):
 
 case class JQueryNodeSeq(ns: NodeSeq) extends JsExp with JQueryLeft with 
 HtmlFixer {
override def toJsCmd = jQuery( + JsStr(fixHtml(NodeSeqDialog, 
 ns)).toJsCmd + )
 }
 
 Then JQueryNodeSeq(ns) ~ JsFunc(dialog)
 
 -Ross
 
 On Mar 9, 2010, at 12:06 PM, Stuart Roebuck wrote:
 
 I'm trying to produce a web page with editable content.
 
 When the user clicks an edit button on a line it uses jQuery to
 display a modal dialog which allows fields of that line to be edited.
 
 I can easily produce a snippet to produce the lines using the backend
 data and an XHTML template and binding etc.
 
 However, I also want the template to include the template for the
 dialog.  So I want the ajax button callback to send JavaScript to
 instantiate the jQuery UI dialog based on the template and bindings.
 
 To build this I need to assemble a JsCmd containing the NodeSeq that
 comes from the XHTML sequence and the bindings.
 
 In short, if this was straight jQuery I would have some JavaScript of
 the form:
 
 $(div title=Dialog TitletheFormNodeSeq/div).dialog()
 
 But in my case theFormNodeSeq comes from a NodeSeq that was assembled
 from part of the XHTML template and the bindings and the end result
 needs to be a JsCmd.
 
 So I'm trying to do something like:
 
 JsCmds.Run($( + theFormNodeSeq.toString + ).dialog())
 
 But I need to address escaping issues with the HTML and I also need to
 pre-process any lift:… / commands in theFormNodeSeq.
 
 Any advice (please)?
 
 --
 You received this message because you are subscribed to the Google Groups 
 Lift group.
 To post to this group, send email to lift...@googlegroups.com.
 To unsubscribe from this group, send email to 
 liftweb+unsubscr...@googlegroups.com.
 For more options, visit this group 
 athttp://groups.google.com/group/liftweb?hl=en.
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Lift group.
 To post to this group, send email to lift...@googlegroups.com.
 To unsubscribe from this group, send email to 
 liftweb+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/liftweb?hl=en.
 

-- 
You received this message because you are subscribed to the Google Groups 
Lift group.
To post to this group, send email to lift...@googlegroups.com.
To unsubscribe from this group, send email to 
liftweb+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/liftweb?hl=en.

Re: [Lift] Re: NodeSeq to JsExp how to?

2010-03-09 Thread David Pollak

On Tue, Mar 9, 2010 at 9:34 AM, Stuart Roebuck stuart.roeb...@gmail.comwrote:

 Ross,

 Thanks - yes, the NodeSeq is all generated from templates internally.


Then Ross's solution is the best for you.


 The end user does not have any access to change this stuff so this
 particular security issue shouldn't be a problem in this case.

 Stuart.

 On Mar 9, 5:30 pm, Ross Mellgren dri...@gmail.com wrote:
  Ah yes, the reason I went through the fixHtml route is because Stuart
 specifically mentioned he wanted to process those.
 
  Stuart, you should make sure to properly secure this stuff -- either as
 an admin-only thing (understanding that that person has as much rights as
 you) or by scrubbing the XML thoroughly.
 
  -Ross
 
  On Mar 9, 2010, at 12:26 PM, David Pollak wrote:
 
 
 
 
 
   On Tue, Mar 9, 2010 at 9:14 AM, Ross Mellgren dri...@gmail.com
 wrote:
   Try this (I haven't tested it, so there could be lurking bugs):
 
   case class JQueryNodeSeq(ns: NodeSeq) extends JsExp with JQueryLeft
 with HtmlFixer {
  override def toJsCmd = jQuery( + JsStr(fixHtml(NodeSeqDialog,
 ns)).toJsCmd + )
   }
 
   Ross,
 
   This is good code, but introduces a potential security vulnerability.
 ;-)
 
   fixHtml runs the NodeSeq through Lift's snippet handler.  If you have
 web-user input, a user could type in lift:/ and cause server-side code
 to be executed.
 
   import net.liftweb.util._
   import Helpers._
 
   Personally, I'd suggest jQuery( + AltXML.toXML(nodeSeq, false,
 true).encJs + )
 
   Thanks,
 
   David
 
   Then JQueryNodeSeq(ns) ~ JsFunc(dialog)
 
   -Ross
 
   On Mar 9, 2010, at 12:06 PM, Stuart Roebuck wrote:
 
I'm trying to produce a web page with editable content.
 
When the user clicks an edit button on a line it uses jQuery to
display a modal dialog which allows fields of that line to be edited.
 
I can easily produce a snippet to produce the lines using the backend
data and an XHTML template and binding etc.
 
However, I also want the template to include the template for the
dialog.  So I want the ajax button callback to send JavaScript to
instantiate the jQuery UI dialog based on the template and bindings.
 
To build this I need to assemble a JsCmd containing the NodeSeq that
comes from the XHTML sequence and the bindings.
 
In short, if this was straight jQuery I would have some JavaScript of
the form:
 
$(div title=Dialog TitletheFormNodeSeq/div).dialog()
 
But in my case theFormNodeSeq comes from a NodeSeq that was assembled
from part of the XHTML template and the bindings and the end result
needs to be a JsCmd.
 
So I'm trying to do something like:
 
JsCmds.Run($( + theFormNodeSeq.toString + ).dialog())
 
But I need to address escaping issues with the HTML and I also need
 to
pre-process any lift:… / commands in theFormNodeSeq.
 
Any advice (please)?
 
--
You received this message because you are subscribed to the Google
 Groups Lift group.
To post to this group, send email to lift...@googlegroups.com.
To unsubscribe from this group, send email to
 liftweb+unsubscr...@googlegroups.comliftweb%2bunsubscr...@googlegroups.com
 .
For more options, visit this group athttp://
 groups.google.com/group/liftweb?hl=en.
 
   --
   You received this message because you are subscribed to the Google
 Groups Lift group.
   To post to this group, send email to lift...@googlegroups.com.
   To unsubscribe from this group, send email to
 liftweb+unsubscr...@googlegroups.comliftweb%2bunsubscr...@googlegroups.com
 .
   For more options, visit this group athttp://
 groups.google.com/group/liftweb?hl=en.
 
   --
   Lift, the simply functional web frameworkhttp://liftweb.net
   Beginning Scalahttp://www.apress.com/book/view/1430219890
   Follow me:http://twitter.com/dpp
   Surf the harmonics
 
   --
   You received this message because you are subscribed to the Google
 Groups Lift group.
   To post to this group, send email to lift...@googlegroups.com.
   To unsubscribe from this group, send email to
 liftweb+unsubscr...@googlegroups.comliftweb%2bunsubscr...@googlegroups.com
 .
   For more options, visit this group athttp://
 groups.google.com/group/liftweb?hl=en.

 --
 You received this message because you are subscribed to the Google Groups
 Lift group.
 To post to this group, send email to lift...@googlegroups.com.
 To unsubscribe from this group, send email to
 liftweb+unsubscr...@googlegroups.comliftweb%2bunsubscr...@googlegroups.com
 .
 For more options, visit this group at
 http://groups.google.com/group/liftweb?hl=en.




-- 
Lift, the simply functional web framework http://liftweb.net
Beginning Scala http://www.apress.com/book/view/1430219890
Follow me: http://twitter.com/dpp
Surf the harmonics

-- 
You received this message because you are subscribed to the Google Groups 
Lift group.
To post to this group, send email to lift...@googlegroups.com.
To unsubscribe from this group, send email to

Re: [Lift] Re: NodeSeq to JsExp how to?

Re: [Lift] Re: NodeSeq to JsExp how to?

2 matches

Site Navigation

Mail list logo

Footer information