I frequently use
<myElem th:if="${myVar}" th:text="${myVar}">dummy</myElem>
Is there a more concise syntax with less repetition?
No, this is the short syntax you can use to render an html tag
Related
is there a way to loop from 'a' to 'z' using th:each block of thymeleaf in a similar way we do using #numbers.sequence?
For the moment I am using a static array of chars in the back-and and passing this to the front-end.
You can do the following:
<div th:with="letters='abcdefghijklmnopqrstuvwxyz'"
th:each="num : ${#numbers.sequence(0, 25)}">
<div th:text="${#strings.substring(letters, num, num+1)}"></div>
</div>
This still requires a hard-coded string (as you can see), which you could just as easily pass to Thymeleaf as a Java String (not as an array of chars). But maybe it's more acceptable than what you are currently doing.
I don't know of any way in which Thymeleaf can directly use Java's (char)('A' + num) technique - otherwise that would probably be what you are looking for. I think that is not possible. Unless/until someone proves it is possible.
Update
To prove myself somewhat wrong, I used the following approach:
<div th:each="num : ${#numbers.sequence(97, 122)}">
<div th:text="${#conversions.convert(num, 'java.lang.Character')}"></div>
</div>
This prints a through z by converting the decimal ASCII values to Java chars.
However this is only valid if you are using the Spring dialect of Thymeleaf - which is not mentioned in your question - so may be of no help to you.
A solution using the Thymeleaf standard dialect (no Spring) is to define a custom conversion service.
That requires more coding than your current approach - so again, is probably not what you want. But I mention it just in case. How you implement this depends more specifically on how you have integrated Thymeleaf into your program.
for example this image:
https://pbs.twimg.com/media/BFmDUA5CcAAmcBl.jpg
then I add a color symbol to send query string:
https://pbs.twimg.com/media/BFmDUA5CcAAmcBl.jpg:large
https://pbs.twimg.com/media/BFmDUA5CcAAmcBl.jpg:small
I googled that is twitter image
what coding language can achieve this?
php? ruby on rails?
or any htaccess rewrite rule?
Any.
It has nothing to do with programming languages, but with CGI: http://en.wikipedia.org/wiki/Common_Gateway_Interface
The colon is however not a valid part of the CGI spec, so the server receiving the request will probably parse it in code.
Note though that the CGI spec defines '&' as separator between different variable/value pairs, which results in incorrect (X)HTML when used in <a> tags. This is because it doesn't define a valid entity. To remedy this, at least in PHP, you can change this separator: http://www.php.net/manual/en/ini.core.php#ini.arg-separator.output
Is there an equivalent to PHP's urlencode in Ruby on Rails 2.3.5? (It encodes a string to be used in a query part of a URL)
I googled it but all the answers seem to date back to before 2006 and seems dates.
This is what I found. It seems a bit abnormal to call CGI::escape in a view.
Is there an equivalent helper function?
Thanks!
I believe the u helper method is what you're looking for:
<%=u "URL ENCODE <p>ME</p>" %>
This uses the method ERB::Util.url_encode, which is aliased to u.
You can find the documentation for this method here: http://rdoc.info/stdlib/erb/1.8.7/ERB/Util:url_encode.
If you want to do it without ERB, you can use the following:
Rack::Utils.escape('http://example.com')
#=> "http%3A%2F%2Fexample.com"
Which will also convert /
This worked better for me than the Rack::Utils.escape:
URI::escape('http://example.com/?param=Hello World')
Because it replaced the spaces with %20 instead of +
But it won't replace /
ERB::Util.html_escape, which is aliased to h and ERB::Util.url_encode, which is aliased to u .
http://ruby-doc.org/stdlib-1.9.3/libdoc/erb/rdoc/ERB/Util.html
The method names seem to have changed since Sam Soffes answer, but the aliases haven't.
I am somewhat of a Rails newbie so bear with me, I have most of the application figured out except for this one part.
def linkup_mentions_and_hashtags(text)
text.gsub!(/#([\w]+)(\W)?/, '#\1\2')
text.gsub!(/#([\w]+)(\W)?/, '#\1\2')
text
end
I found this example here: http://github.com/jnunemaker/twitter-app
The link to the helper method: http://github.com/jnunemaker/twitter-app/blob/master/app/helpers/statuses_helper.rb
Perhaps you could use Regular Expressions to look for "#..." and then replace the matches with the corresponding link?
You could use a regular expression to search for #sometext{whitespace_or_endofstring}
You can use regular expressions, i don't know ruby but the code should be almost exactly as my example:
Regex.Replace("this is an example #AlbertEin",
"(?<type>[##])(?<nick>\\w{1,}[^ ])",
"${type}${nick}");
This example would return
this is an example <a href="http://twitter.com/AlbertEin>#AlbertEin</a>
If you run it on .NET
The regex (?<type>[##])(?<nick>\\w{1,}[^ ]) means, capture and name it TYPE the text that starts with # or #, and then capture and name it NAME the text that follows that contains at least one text character until you fin a white space.
Perhaps you can use a regular expression to parse out the words starting with #, then update the string at that location with the proper link.
This regular expression will give you words starting with # symbols, but you might have to tweak it:
\#[\S]+\
You would use a regular expression to search for #username and then turn that to the corresponding link.
I use the following for the # in PHP:
$ret = preg_replace("#(^|[\n ])#([^ \"\t\n\r<]*)#ise",
"'\\1<a href=\"http://www.twitter.com/\\2\" >#\\2</a>'",
$ret);
I've also been working on this, I'm not sure that it's 100% perfect, but it seems to work:
def auto_link_twitter(txt, options = {:target => "_blank"})
txt.scan(/(^|\W|\s+)(#|#)(\w{1,25})/).each do |match|
if match[1] == "#"
txt.gsub!(/##{match.last}/, link_to("##{match.last}", "http://twitter.com/search/?q=##{match.last}", options))
elsif match[1] == "#"
txt.gsub!(/##{match.last}/, link_to("##{match.last}", "http://twitter.com/#{match.last}", options))
end
end
txt
end
I pieced it together with some google searching and some reading up on String.scan in the api docs.
What is the best solution to sanitize output HTML in Rails (to avoid XSS attacks)?
I have two options: white_list plugin or sanitize method from Sanitize Helper http://api.rubyonrails.com/classes/ActionView/Helpers/SanitizeHelper.html . For me until today the white_list plugin worked better and in the past, Sanitize was very buggy, but as part of the Core, probably it will be under development and be supported for a while.
I recommend http://code.google.com/p/xssterminate/.
I think the h helper method will work here:
<%= h #user.profile %>
This will escape angle brackets and therefore neutralize any embedded JavaScript. Of course this will also eliminate any formatting your users might use.
If you want formatting, maybe look at markdown.
Personally I think it's not a small decision to accept any HTML entry in any web app. You can test for white/blacklisted tags as much as you like, but unless you're testing for correct nesting, someone could enter a series of closing tags, for example
</td></tr></span></div>
and really mess with your layout.
I'd usually give people something like Textile to enter their markup, since I'd rather spend my time working on business logic than HTML parsing.
Of course, if this text entry is more fundamental to your app (as for example it is for stackoverflow) then you probably should give more attention to hand-rolling your own.