Forum: Ruby on Rails JavaScriptGenerator Dead End

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Mike E. (Guest)
on 2006-04-20 08:14
Hi All,

I posted earlier about a problem I was having with the various remote
view methods escaping all the javascript in my callbacks.  I was quickly
informed that that's just what they do, and offered some workarounds.

However, in actually working with this, I'm finding that this one little
thing is forcing me to write some REALLY ugly code.  Where I thought I
could specify an updater with some fairly sophisticated view
post-processing in my view, I am forced to write procedural code in my
controllers.

If I wanted to write code that ugly, I would have stuck with PHP.

There's got to be a way to stop e.g. link_to_remote from escaping the
javascript specified in the callbacks.  This behavior dramtically
reduces the elegance of these otherwise beautiful methods.

I've done some digging through the docs and even some of the code, but
nothing really jumped out at me.  Can someone more familiar with these
helpers please give me some suggestions?

Thanks much,

-Mike.
Shane S. (Guest)
on 2006-04-20 10:05
(Received via mailing list)
Can you post your code that you're having a problem with? why can't you
have
your callbacks call javascript methods and in the methods do all the
complex
javascript stuff instead of putting all the complex javascript stuff in
the
callback parameter?
Mike E. (Guest)
on 2006-04-20 10:25
OK, here's the simplest example of why what I'm asking for is useful:

<% @foo='bar'>
<%= link_to_remote :url=>{:parial => 'foo'},
  :update => 'bar',
  :oncomplete => "new Effect.Highlight('#{@foo}')"
%>

What I'm trying to do is send the contents of ruby variables to the
javascript code as literals.  It seems like a perfectly natural thing to
do, but the quote escaping makes it impossible, yielding:

new Effect.Highlight(&squot;bar&squote;)

This works surprisingly frequently considering what it looks like, but
is unreliable, and just plain wrong.

> Can you post your code that you're having a problem with? why can't you
> have
> your callbacks call javascript methods and in the methods do all the
> complex
> javascript stuff instead of putting all the complex javascript stuff in
> the
> callback parameter?
Mike E. (Guest)
on 2006-04-20 22:26
Update:  Oops, the above code actually works correctly.  However, if you
change it to:

<% @foo='bar'>
<%= link_to_remote :url=>{:parial => 'foo'},
  :update => 'bar',
  :oncomplete => update_page do |page|
    page.alert("'#{@foo}'")
  end
%>

you will get the escaped quotes.  Shouldn't this be considered a bug?
It certainly limits the usefulness of update_page.

I've continued my digging through the code, but still can't figure out
where this is happening.  Any help would be greatly appreciated.

Thanks much,

-Mike.
Mike E. (Guest)
on 2006-04-21 00:45

OK, I couldn't wait for you guys, so I found the problem myself :).
What's happening is that the tag_options method in tag_helper.rb runs
all tag options through html_escape.

I think of this as a bug which can be fixed by simply taking out the
html_escape call in tag_options, so it looks like this:

def tag_options(options)
  cleaned_options = convert_booleans(options.stringify_keys.reject
{|key, value| value.nil?})
  ' ' + cleaned_options.map {|key, value|
%(#{key}="#{value.to_s}")}.sort * ' ' unless cleaned_options.empty?
end

After all, it's easy enough to put h() around your callback values if
you want it.  However, doing so might break some existing code, so I'd
like peoples opinions on alternatives before I submit a patch.

I also started a ticket on Trac, which I will update with this info.

Any input from more experienced Ruby/Rails folks would be greatly
appreciated.

Thanks,

-Mike.
This topic is locked and can not be replied to.