By using Kristin Gem, Is there any possible way to store the result of the conversion on a variable instead of outputting it as a file?
Assuming that the link below goes to the gem you are talking about, no. The gem is a very thin layer on top of pdf2htmlEX and simply spawns the process with the arguments passed. Further, pdf2htmlEX doesn't seem to support redirecting its output and adding this feature doesn't seem to be on their todo list, so adding this functionality would require wrapping a different converter.
I think your best bet would be to save load the HTML to a variable after creation.
Kristin:https://github.com/ricn/kristin
Thread about adding output redirection to pdf2htmlEX: https://github.com/coolwanglu/pdf2htmlEX/issues/638
Related
I have an ActiveJob which triggers a system script to run:
`grunt custom-job --src=files --dest="file" --vars='#{user_input_vars_from_json}'`
Point being is that
user_input_vars_from_json
Is a json config which comes as user input parameter from a controller.
I do validate the json format but how can I ensure that there is no harmful code send to my system command?
I would just like to preface this with: Any user input should be treated as dangerous. I would not recommend executing any command using user-provided inputs.
The first thing you're going to want to do is lock down the input as much as possible. Consider restricting the length of the user_input_vars_from_json to prevent buffer overflow and DoS attacks. I also recommend trying to figure out a way to both validate and restrict the "vars" you are trying to set in the user_input_vars_from_json JSON to filter out any unwanted keys/values.
Once your input is cleaned, you can use Kernel#system in combination with Shellwords to get as close to safe as possible in executing your command from your job:
require 'shellwords'
system("grunt", "custom-job", "--src=files", '--dest="file"', "--vars=\"#{Shellwords.escape(user_input_vars_from_json)}\""
I am using the cache_digests gem. I am trying to understand whats the purpose of TEMPLATE option in rake cache_digests:nested_dependencies and cache_digests:dependencies rake tasks.
Could you also tell what the output means? Does the output shows the list of partials which needs will be rendered using cache, so that if there is a mismatch I can change the render partial method accordingly?
whats the purpose of TEMPLATE option
Both cache_digests:nested_dependencies and cache_digests:dependencies tasks are provided to help you resolve which partials are rendered inside of your template. To get the list of dependencies you should first decide which page's dependencies you are interested in. So that page (template) is passed to rake task as a TEMPLATE option.
Does the output shows the list of partials which needs will be
rendered using cache, so that if there is a mismatch I can change the
render partial method accordingly?
The output lists files which are observed by cache-digests for changes. In case the code which that files contain changes, the parent template's cache is going to be expired and new cache is generated.
Sometimes cache-digests can't derive partials' paths correctly, so it's also a reason to watch rake tasks output. Changing problematic render calls or using special comments for explicit dependencies is the way to solve these kind of problems, as described here.
I have installed the less-rails gem as I am keen to use the colour manipulation LESS offers. I need to extract a colour from my database as my themes base colour, and build up from there.
I have the static CSS, and have renamed it styles.css.less to ensure that rails understands the less extension, which it appears to.
The next thing I tried was to also wrap the file as an erb, to hopefully allow ruby string literals to process before being sent to LESS, and eventually outputting as valid CSS (still with me?)
The file is now called style.css.less.erb. While the file simple contains valid CSS, the processing of the document works. As soon as I add a ruby string literal, it fails.
color: #{"#112233"};
In the chrome debugger, nothing after this line is getting processed.
What am I doing wrong, and how should I do what I am trying to do?
As Chowlett says in comments, you should use erb syntax: <%= "#112233" %>
Next step is get that value from db. If this color value is application-wide, probably you are looking for settings in db solution. I use rails-settings-cached gem for that. Your result code will looks like
color: <%= Setting.foo_color %>
If you are using assets on production, don't forget to recompile them after each setting change.
And if it's not a setting but probably something specific to each user then you can't use application-wide css files for that, but you can write inline css in views.
When doing J2EE development, I find it handy for debugging to view the Java classes that are generated by the JSP compiler.
How can I do the equivalent in Ruby? Since it is all in memory, it won't generate a file that I can view. I believe it's the ERB module that generates the corresponding object for a template, so how can I actually view the object? Can I drop a debugger statement somewhere and use rdb? Is there some configuration value I can tell it to dump the object definition? I'm using rails, in case that makes a difference.
I don't think rails generates a class for your view. It basically calls eval after processing the file. Or do you mean inspecting the erb object while it's parsing your template?
If it's the latter you can find erb.rb in lib\ruby\1.9.1 I'd imagine you could just drop a debugger statement throughout that file.
I always make a habit of adding the following to my views (layout) which allows me to inspect or debug the parameters being used by the view in question.
<%= debug(params) %>
This will format all the parameters in yaml and display them in a Hash format.
Have a look at the method in the source code to get a better understanding. SOURCE
There are some differences compared with the Java way due to language differences.
Most template libraries for Ruby follow these steps when compiling/optimizing:
The template is compiled into Ruby source code -- not a class but a long procedure that appends to a string buffer while traversing the logic of the original template.
This ruby code is evaluated in order to be bound for later reference, preferably within a method body. This way, it is only parsed once by the interpreter.
The method (or other context) containing the logic of the parsed template is invoked to render it.
Anyway, the compiled template code therefore looks a lot like a much noisier version of your original template, and will generally not help you debugging, unless you're debugging the template language itself.
Anyone interested in template language implementation might enjoy a look around the Tilt code (use different template languages with the same rendering interface and optimization), and Temple (a great template language meta-implementation).
I have some "namespaced" custom tags(developed with radius gem) that i would like to use in my rails application. I'd like to use sanitize gem to prevent xss-attacks, but there are no descriptions how to configure namespace in sanitize. Is there any possible way?
The sanitize gem doesn't support namespaces. Briefly looking at the code for sanitize, neither the transform class that cleans elements nor the way it actually parses html gives Nokogiri (the xml parser underlying sanitize) the information it needs to be able to recognise and process namespaces), so without modifying sanitize to support this, it's not going to be possible.
You'll be able to see the tags without the prefixed-namespaces in sanitize, so if they all have custom names that don't collide with any other tags, you can specify those, but with sanitize as it is currently written, you can't filter namespace-specific tags.
As far as I know the sanitize gem just filters javascript and HTML from params in the controller. Perhaps its been extended since I last looked.
No, you can't namespace most gems. There are a few hacks to put wrappers around them with monkey patching. If needed I would google "ruby namespace collision" and you get something like this How to resolve Rails model namespace collision