Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Readme
A cross platform template engine base on xml/html and javascript expression.
npm install lite
<html>
<head><title>${title}</title></head>
<body>
This is ${user.name}.
I am ${user.age} years old this year
</body>
</html>
var LiteEngine = require('lite').LiteEngine;
var engine = new LiteEngine('./');
require('http').createServer(function (request, response) {
var path = '/index.xhtml';
var model = {
title:'simple test',
user:{name:'jindw',age:35}
};
engine.render(path,model,request,response);
}).listen(2012);
var LiteEngine = require('lite').LiteEngine;
var engine = new LiteEngine('./');
require('http').createServer(function (request, response) {
//template path
var path = '/index.xhtml';
var data1Promise = APIProxy.getDataAsPromise('http://api.xxx.com/user?name=zhangshan&...')
var data2Promise = APIProxy.getDataAsPromise('http://api.xxx.com/user?name=lisi&...')
//model(available data and unavailable data(pending Promise))
var model = {
title:'static first and promise auto wait test'
data1:data1Promise,//output available contents first and wait until the promise is ready!!
data2:data2Promise
};
engine.render(path,model,request,response);
}).listen(2012);
<html>
<head>...</head>
<body>
<div c:widget="widget/header.xhtml"/>
<div c:lazy-widget="widget/module1.xhtml">
<!-- module1 source will build as a inner generator function,
and flush as __widget_arrived callback(...) when data prepared -->
loading module1...
</div>
<div c:lazy-widget="widget/module2.xhtml">
loading module2...
</div>
<div c:lazy-widget="widget/module3.xhtml">loading module3...</div>
<div c:widget="widget/footer.xhtml"/>
</body>
</html>
/**
* Created by jindw on 17/2/25.
*/
@Configuration
@EnableWebMvc
public class DemoConfig {
/**
* 模板源代码存储目录
*/
@Value("src/main/resources/templates")
private File templatePath;
/**
* 模板编译中间代码存储目录
*/
private File compiledCachePath;
/**
* 注册视图解析器
*/
@Bean
public ViewResolver getLiteResolver() {
final HotLiteEngine engine = new HotLiteEngine(templatePath,compiledCachePath);
return (String viewName, Locale locale) -> {
final Template tpl = engine.getTemplate(viewName + ".xhtml");
return tpl == null ? null : new View() {
@Override
public String getContentType() {
return tpl.getContentType();
}
@Override
public void render(Map<String, ?> model, HttpServletRequest request, HttpServletResponse response) throws Exception {
tpl.render(model, response.getWriter());
}
};
};
}
}
<dependency>
<groupId>org.xidea</groupId>
<artifactId>lite</artifactId>
<version>3.1.15</version>
</dependency>
<?php
require_once("LiteEngine.php");
$root = realpath(__DIR__.'/../').'/';
$engine = new LiteEngine($root);
$path = '/test/index.xhtml';
$context = array("int1"=>1,"text1"=>'1');
$engine->render($path,$context);
FAQs
A cross platform template engine base on xml/html and javascript expression.
The npm package lite receives a total of 127 weekly downloads. As such, lite popularity was classified as not popular.
We found that lite demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.