Menu
Search

Forums

Forum Index

May 24, 2016
Gravatar of KagaminPosted by Kagamin
in reply to Bauss		Reply
Kagamin
Gravatar of Kagamin
Posted in reply to Bauss


Reply
The values are injected unescaped by default?
May 24, 2016
Gravatar of BaussPosted by Bauss
in reply to Kagamin		Reply
Bauss
Gravatar of Bauss
Posted in reply to Kagamin


Reply
On Tuesday, 24 May 2016 at 13:09:28 UTC, Kagamin wrote:
> The values are injected unescaped by default?

Yes. To escape there is the escape function.

Take a look at the comparison for the result.

I'm going to figure out a syntax for escaping though, so there'll be one for both.

Not sure what symbols to use though. @$=value_to_escape; is probably going to be the result.
May 24, 2016
Gravatar of BaussPosted by Bauss
in reply to Bauss		Reply
Bauss
Gravatar of Bauss
Posted in reply to Bauss


Reply
On Tuesday, 24 May 2016 at 14:54:27 UTC, Bauss wrote:
> On Tuesday, 24 May 2016 at 13:09:28 UTC, Kagamin wrote:
>> The values are injected unescaped by default?
>
> Yes. To escape there is the escape function.
>
> Take a look at the comparison for the result.
>
> I'm going to figure out a syntax for escaping though, so there'll be one for both.
>
> Not sure what symbols to use though. @$=value_to_escape; is probably going to be the result.

Note: If you have a better suggestion, feel free to come with one :)
May 24, 2016
Gravatar of BaussPosted by Bauss
in reply to Bauss		Reply
Bauss
Gravatar of Bauss
Posted in reply to Bauss


Reply
On Tuesday, 24 May 2016 at 14:57:03 UTC, Bauss wrote:
> On Tuesday, 24 May 2016 at 14:54:27 UTC, Bauss wrote:
>> On Tuesday, 24 May 2016 at 13:09:28 UTC, Kagamin wrote:
>>> The values are injected unescaped by default?
>>
>> Yes. To escape there is the escape function.
>>
>> Take a look at the comparison for the result.
>>
>> I'm going to figure out a syntax for escaping though, so there'll be one for both.
>>
>> Not sure what symbols to use though. @$=value_to_escape; is probably going to be the result.
>
> Note: If you have a better suggestion, feel free to come with one :)

No wait I forgot it already is possible.

Using @(value_to_escape)
May 24, 2016
Gravatar of BaussPosted by Bauss
in reply to Bauss		Reply
Bauss
Gravatar of Bauss
Posted in reply to Bauss


Reply
On Tuesday, 24 May 2016 at 15:00:34 UTC, Bauss wrote:
> On Tuesday, 24 May 2016 at 14:57:03 UTC, Bauss wrote:
>> On Tuesday, 24 May 2016 at 14:54:27 UTC, Bauss wrote:
>>> On Tuesday, 24 May 2016 at 13:09:28 UTC, Kagamin wrote:
>>>> The values are injected unescaped by default?
>>>
>>> Yes. To escape there is the escape function.
>>>
>>> Take a look at the comparison for the result.
>>>
>>> I'm going to figure out a syntax for escaping though, so there'll be one for both.
>>>
>>> Not sure what symbols to use though. @$=value_to_escape; is probably going to be the result.
>>
>> Note: If you have a better suggestion, feel free to come with one :)
>
> No wait I forgot it already is possible.
>
> Using @(value_to_escape)

I am such a mess today and also wish there was an edit button for forum posts.

@(value_to_escape) will only escape text and not variables, so a syntax for an expression/variable is still up. I will go with the @$= syntax for now
May 24, 2016
Gravatar of BaussPosted by Bauss
in reply to Bauss		Reply
Bauss
Gravatar of Bauss
Posted in reply to Bauss


Reply
On Tuesday, 24 May 2016 at 15:03:28 UTC, Bauss wrote:
> On Tuesday, 24 May 2016 at 15:00:34 UTC, Bauss wrote:
>> On Tuesday, 24 May 2016 at 14:57:03 UTC, Bauss wrote:
>>> On Tuesday, 24 May 2016 at 14:54:27 UTC, Bauss wrote:
>>>> On Tuesday, 24 May 2016 at 13:09:28 UTC, Kagamin wrote:
>>>>> The values are injected unescaped by default?
>>>>
>>>> Yes. To escape there is the escape function.
>>>>
>>>> Take a look at the comparison for the result.
>>>>
>>>> I'm going to figure out a syntax for escaping though, so there'll be one for both.
>>>>
>>>> Not sure what symbols to use though. @$=value_to_escape; is probably going to be the result.
>>>
>>> Note: If you have a better suggestion, feel free to come with one :)
>>
>> No wait I forgot it already is possible.
>>
>> Using @(value_to_escape)
>
> I am such a mess today and also wish there was an edit button for forum posts.
>
> @(value_to_escape) will only escape text and not variables, so a syntax for an expression/variable is still up. I will go with the @$= syntax for now

A commit has now been done with escaping for variables / expressions.

Can be seen here:
https://github.com/bausshf/Diamond/commit/e082d63d2a351a9e57cfc7f8bee8182711919759

It'll come in version 0.2.4
May 25, 2016
Gravatar of KagaminPosted by Kagamin
in reply to Bauss		Reply
Kagamin
Gravatar of Kagamin
Posted in reply to Bauss


Reply
On Tuesday, 24 May 2016 at 14:57:03 UTC, Bauss wrote:
> Note: If you have a better suggestion, feel free to come with one :)

I'd say do what razor does: raw output should require extra syntax. Weren't templates created in order to not build html in code?
May 25, 2016
Gravatar of BaussPosted by Bauss
in reply to Kagamin		Reply
Bauss
Gravatar of Bauss
Posted in reply to Kagamin


Reply
On Wednesday, 25 May 2016 at 12:29:03 UTC, Kagamin wrote:
> On Tuesday, 24 May 2016 at 14:57:03 UTC, Bauss wrote:
>> Note: If you have a better suggestion, feel free to come with one :)
>
> I'd say do what razor does: raw output should require extra syntax. Weren't templates created in order to not build html in code?

So you suggest to switch them around? :)

@=value; will become encoded and @$=value; will become raw?

That could work out.
« First   ‹ Prev
1 2
Next ›   Last »