riot-tmpl - npm Package Compare versions

Comparing version 2.3.1 to 2.3.12

dist/riot.tmpl.js
/**
* The riot template engine
* @version v2.3.1
* @version v2.3.12
*/

@@ -6,0 +6,0 @@

@@ -1,2 +0,2 @@

/* riot-tmpl v2.3.1, @license MIT, (c) 2015 Muut Inc. + contributors */
/* riot-tmpl v2.3.12, @license MIT, (c) 2015 Muut Inc. + contributors */
;(function (window) {

@@ -3,0 +3,0 @@ 'use strict' // eslint-disable-line

@@ -6,37 +6,7 @@

## Characters not allowed in brackets
There are characters not allowed to define brackets, some are common characters in JavaScript expressions that hinder finding the right riot brackets, and other are forbidden by the HTML specs for text elements.
This is the list of invalid characters:
- Control characters from `\x00` to `\x1F` that can be changed by browsers or minifier tools
- Alphanumeric `a-z`, `A-Z`, and `0-9`, wich are confused with JS variable names
- Single and double quotes, comma, semicolon and backslash `'`, `"`, `,`, `;`, `\`, for obvious reasons
- The dangerous `<` and `>` characters, reserved for use in markup and strictly prohibited in unquoted text for any other purpose -- out of CDATA sections.
Typically, by using '<>' the browser will send to riot something different to what the user wants. With preprocessors such as ASP, no problems. But riot is not one of them, even with precompiled tags, it's a postprocessor. See the difference:
#### ASP
Source &#x2013;> | ASP parser &#x2013;> | Browser
-------------------|----------------|-----------
`<p><%= x %></p>` | `<p>X</p>` | (Renders "X")
ASP takes the value of `x`, does the substitution, and stops here. The browser (HTML parser) receives valid HTML.
#### riot
Source &#x2013;> | Browser &#x2013;> | riot parser &#x2013;>
------------------|----------------------|----------------
`<p><%= x %></p>` | Renders `<p><></p>`? | `<p><></p>`
Here the browser (some version of IE) receives invalid markup and try to render the best it can without break the page (i.e. "fix" the error). riot has no chance to get the expression and re-render the value. Other browser _can_ keep the markup as-is depending on its location in the elements. Anyway, the result is unpredictable.
## Escaped brackets, backslashes, and EOLs
Escaped brackets _within expressions_ are left unescaped, except in JavaScript strings and regular expressions, where are not touched. So far, I have not found a case where the brackets must remain escaped.
Escaped brackets _within expressions_ are left unescaped, except in JavaScript strings and regexes, where are preserved. So far, I have not found a case where the brackets must remain escaped.
Other backslashes in the HTML parts, strings, and regexes, are preserved.
Backslashes in the HTML parts are not touched.
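
Review bot: The shorter backslash sentence at the end of this hunk, "Backslashes in the HTML parts are not touched.", covers only the HTML parts, while the sentence beside it also covered strings and regexes, so the comment no longer says what happens to non-bracket backslashes inside JavaScript strings and regexes. The header (-6,37 +6,7) shows this block shrinking, which fits the shorter wording being the new one. If those backslashes are still preserved, keep that in the sentence; if the behaviour changed between 2.3.1 and 2.3.12, say so here, since callers depend on the documented escaping rules. The reworded line above it also reads "where are preserved" with no subject; "where they are preserved" fixes it.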

@@ -53,2 +23,4 @@ EOLs are normalized to `\n` in the HTML, converted to compact spaces in expressions, and preserved in JavaScript strings and regexes.

Ref: [riot#1189](https://github.com/riot/riot/issues/1189)
## Why to use tmpl.hasExpr and tmpl.loopKeys?

@@ -64,3 +36,3 @@

brackets 2.3 combines the behavior of brackets 2.2 with a new one, based on these idea. There is a performance penalty in supporting both but compatibility is maintained.
brackets 2.3 combines the behavior of brackets 2.2 with a new one, based on these idea. There is a performance penalty in supporting both, but compatibility is maintained.
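
Review bot: "based on these idea" in the brackets 2.3 sentence survives the edit; the only visible change is the comma after "both". While touching the line, make it "based on this idea" (or "these ideas", if more than one is meant).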

@@ -75,2 +47,32 @@ If riot is available when `brackets` is instantiated, `brackets` will use the configuration in `riot.settings`. If not, you can link a configuration later, through the new `brackets.settings` property, which accepts a reference to `riot.settings` or other object where read and write new brackets values.

## Characters not allowed in brackets
There are characters not allowed to define brackets, some are common characters in JavaScript expressions that hinder finding the right riot brackets, and other are forbidden by the HTML specs for text elements.
This is the list of invalid characters:
- Control characters from `\x00` to `\x1F` that can be changed by browsers or minifier tools
- Alphanumeric `a-z`, `A-Z`, and `0-9`, wich are confused with JS variable names
- Single and double quotes, comma, semicolon and backslash `'`, `"`, `,`, `;`, `\`, for obvious reasons
- The dangerous `<` and `>` characters, reserved for use in markup and strictly prohibited in unquoted text for any other purpose -- out of CDATA sections.
Typically, by using '<>' the browser will send to riot something different to what the user wants. With preprocessors such as ASP, no problems. But riot is not one of them, even with precompiled tags, it's a postprocessor. See the difference:
#### ASP
Source &#x2013;> | ASP parser &#x2013;> | Browser
-------------------|----------------|-----------
`<p><%= x %></p>` | `<p>X</p>` | (Renders "X")
ASP takes the value of `x`, does the substitution, and stops here. The browser (HTML parser) receives valid HTML.
#### riot
Source &#x2013;> | Browser &#x2013;> | riot parser &#x2013;>
------------------|----------------------|----------------
`<p><%= x %></p>` | Renders `<p><></p>`? | `<p><></p>`
Here the browser (some version of IE) receives invalid markup and try to render the best it can without break the page (i.e. "fix" the error). riot has no chance to get the expression and re-render the value. Other browser _can_ keep the markup as-is depending on its location in the elements. Anyway, the result is unpredictable.
_@amarcruz_
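
Review bot: The list under "This is the list of invalid characters" is documentation only; nothing in the visible lines shows `brackets` rejecting a delimiter that contains `<`, `>`, a quote, or an alphanumeric. Since the text itself calls the outcome of using '<>' "unpredictable", either point to the check that enforces the list or state here that the setting is not validated and the caller must avoid these characters. The section is also carried over with its typos intact ("wich", "try to render", "without break the page"); the move is a good moment to fix them.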

@@ -139,3 +139,3 @@ /**

// Regexes for `parseExpr` and `getCSList`
// Regexes for `_getTmpl` and `_parseExpr`
var
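
Review bot: The comment now names `_getTmpl` and `_parseExpr` and drops `getCSList`, but none of those functions appears in the visible lines. Check that the `var` block below holds no regex that only `getCSList` used, and that the two underscore-prefixed names match the definitions exactly, so the comment does not go stale again.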

@@ -142,0 +142,0 @@ RE_QBLOCK = new RegExp(brackets.S_QBLOCKS, 'g'),

{
"name": "riot-tmpl",
"version": "2.3.1",
"version": "2.3.12",
"description": "The riot template engine",

@@ -5,0 +5,0 @@ "main": "dist/tmpl.js",
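
Review bot: The context on the hunk header above gives "main": "dist/tmpl.js", yet the code comparison shown here is for dist/riot.tmpl.js, so the file that the package's entry point resolves to is not among the visible changes. Before accepting the bump from 2.3.1 to 2.3.12, diff dist/tmpl.js between the two versions as well, or confirm it is unchanged.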
