search

CrowdHailer / raxx

Interface for HTTP webservers, frameworks and clients
https://hexdocs.pm/raxx
Apache License 2.0
401 stars 29 forks source link

Add a view layer #123

Closed CrowdHailer closed 5 years ago

CrowdHailer commented 5 years ago

Add a view layer that can be used as follows.

defmodule MyApp.ShowUser do
  use Raxx.Server
  use Raxx.View, 
    arguments: [:user],
    template: "show_user.html.eex",
    layout "../layout.html.eex"

  @impl Raxx.Server
  def handle_request(_request, _state) do
    user = %{name: "Alice"}

    response(:ok)
    |> render(user)
  end
end

It can also be used in a separate view just as easily

defmodule MyApp.ShowUserView do
  use Raxx.View, 
    arguments: [:user],
    template: "show_user.html.eex",
    layout "../layout.html.eex"
end

# Then in use it anywere by calling
response(:ok)
|> MyApp.ShowUserView.render(user)

TODO include an EEx.Engine that handles html escaping. https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#RULE_.232_-_Attribute_Escape_Before_Inserting_Untrusted_Data_into_HTML_Common_Attributes

CrowdHailer commented 5 years ago

Add comment about removing EEx modules