Xslate sv perl-2013-7-11

2,239 views
2,133 views

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,239
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
3
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • Because Xslate has been inspired in TT2 Text::MicroTemplate, I’d like to introduce some features about them
  • TT2 is super popular template
  • TT2 and TMT lead Xslate, which is extremely faster than TT2 and borrows smart escaping from TMT, and Xslate has been made after PSGI, its API is suitable for PSGI, BTW, do you know PSGI or Plack? PSGI is a web application specification just like as CGI and Plack is a toolkit compatible with PSGI. To be simple, a feature which runs web applications
  • Do you know cpanm? This is a kind of cpan command but more fast and easy. And Xslate has a command line interface so you can easily evaluate a simple statement [DEMO]
  • Use of Xslate is super simple. Just three statements. Loading, creating an instance, and rendering a template.
  • When you want to split the template files, for example, to header files, body files, and footer files, you can use “include” directives.
  • Template cascading, also known as template inheritance which is implemented in Django and Smarty, is another form of “include”.
  • Xslate sv perl-2013-7-11

    1. 1. Xslate, a template engine Goro Fuji gfuji@cpan.org 2013-7-11 @ SVPerl
    2. 2. Myself Call me Goro Working at Sunnyvale from May 2013 CPAN author Xslate, Mouse, patches to Perl itself
    3. 3. My favorites Perl as a text processor esp. regular expressions Perl as a testing driver JSX, a typed JavaScript
    4. 4. My Requests Feel free to ask for questions Please say it slowly and clearly XD
    5. 5. Agenda What is a template engine What is Xslate How to use Xslate
    6. 6. What is a template engine Modules to build a text with dynamic parameters
    7. 7. Without Template Engine sprintf(“Hello, %s”, “world”) “Hello %HOME%” =~ s/%(w+)%/$ENV{$1}/gr
    8. 8. With Template Egine use Text::Xslate; my $xslate = Text::Xslate->new(); say $xslate->render(‘hello.tx’, { a => ‘Xslate’); # where hello.tx contains: Hello, <: $a :> world!
    9. 9. When to use? Make HTML pages Make mail reports Whenever you build a text with parameters
    10. 10. CPAN Template Engines Template Toolkit Mason HTML::Template (::Pro) Mojo::Template Text::Xslate and more
    11. 11. What is Xslate
    12. 12. Text::Xslate Heavily inspired in: Template Toolkit Text::MicroTemplate
    13. 13. Template Toolkit or TT2 Super popular A lot of features and plugins Easy to learn XSS vulnerability
    14. 14. Text::MicroTemplate or TMT A tiny template engine Much faster than TT2 Written in pure Perl Smart escaping (XSS guard)
    15. 15. Smart Escaping (1) XSS: <a href=”blah”><: $foo :></a> where $foo is <script>alert(“XSS”)</script> What does the template engine do?
    16. 16. Smart Escaping TT2: prints it as is TMT: prints &lt;script&gt;alert(“XSS”)&lt;/script&gt; escapes HTML meta characters (<, >, &, and etc.) decides escaping by data type (described later) means it is safer than writing HTML by yourself
    17. 17. Xslate 100+ times faster than TT2 Smart escaping, the same as TMT Good for Plack/PSGI
    18. 18. Try Xslate install: cpanm Text::Xslate cli: xslate -e ‘Hello, <: $ARGV[0] :>’ Xslate
    19. 19. How to use Xslate
    20. 20. From Perl use Text::Xslate; my $tx = Text::Xslate->new(); print $tx->render($file, %vars);
    21. 21. Variables <: $foo :> # where $foo is a scalar <: $foo[0] :> # where $foo is an array ref <: $foo[“bar”] :> # where $foo is an hash ref <: $foo.bar(42) :> # where $foo is an object
    22. 22. if, else <: if $foo { $bar } :> # shows $bar if $foo looks like true <: if $foo { :>plain text<: } :> # separated blocks <: if $a { } else if $b { } else { } :> # not elsif
    23. 23. Loops and Special Vars for $array_ref -> $item { ... } # foreach for $a -> $item { $~item.count } # specials $~item.count # 1, 2, 3, ... $~item.index # 0, 1, 2, ... $~item.cycle(“a”, “b”) # a, b, a, b, ...
    24. 24. Include include “foo.tx” # expand the template there include “foo.tx” { foo => “bar” } # with vars
    25. 25. Template Cascading a.k.a. template inheritance more powerful “include” Like class inheritance define a default behavior of components override them in a sub template
    26. 26. Utilities need: Text::Xslate->new(module => [“Text::Xslate::Bridge::Star”]) and perldoc Text::Xslate::Manual::Builtin substr(), uc(), lc(), sprintf(), etc, etc <: function($arg) :> or <: $arg | function :>
    27. 27. From Perl All the values are automatically escaped but you can prevent them from escaping: $vars{foo} = mark_raw($widget) # where $widget includes HTML tags # marks it to “show it as is”
    28. 28. Conclusion Xslate is a super fast, powerful, and XSS-free template engine

    ×