Product
Introducing License Enforcement in Socket
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
github.com/stevelacy/daz
Composable HTML components in Golang
Daz is a "functional" alternative to using templates, and allows for nested components/lists Also enables template-free server-side rendered components with support for nested lists. It is inspired by HyperScript.
A component can be created and used with simple functions:
// Example prop for a component
type User struct {
Name string
// ...
}
func MyComponenet(user User) func() string {
return H(
"div",
Attr{"class": "bg-grey-50"},
user.Name,
)
}
func Root() func() string {
user := User{Name: "Daz"}
html := H("html", MyComponenet(user))
}
// And used in a handler:
func Handler(w http.ResponseWriter, r *http.Request) {
w.Write([]byte(Root()))
}
Lists can be easily created without needing to embed a range / end
in a template:
items := []func() string{
H("li", "item one"),
H("li", "item two"),
}
element := H("ul", Attr{"class": "bg-grey-50"}, items)
div := H("div", element)
import (
"github.com/stevelacy/daz"
)
H
Create a HTML element:
H("div", ...attrs)
Attr
HTML attributes:
Attr{
"class": "app",
"onClick": "javascriptFunc()",
}
UnsafeContent
This will bypass HTML sanitization and allow for direct injecting
injection := "<script>alert('xss')</script>"
root := H("div", UnsafeContent(injection))
// <script>alert('xss')</script>
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
Product
We're launching a new set of license analysis and compliance features for analyzing, managing, and complying with licenses across a range of supported languages and ecosystems.
Product
We're excited to introduce Socket Optimize, a powerful CLI command to secure open source dependencies with tested, optimized package overrides.