xslate sv perl-2013-7-11
TRANSCRIPT
![Page 2: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/2.jpg)
Myself
Call me Goro
Working at Sunnyvale from May 2013
CPAN author
Xslate, Mouse, patches to Perl itself
![Page 3: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/3.jpg)
My favorites
Perl as a text processor
esp. regular expressions
Perl as a testing driver
JSX, a typed JavaScript
![Page 4: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/4.jpg)
My Requests
Feel free to ask for questions
Please say it slowly and clearly XD
![Page 5: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/5.jpg)
Agenda
What is a template engine
What is Xslate
How to use Xslate
![Page 6: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/6.jpg)
What is a template engine
Modules to build a text with dynamic parameters
![Page 7: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/7.jpg)
Without Template Engine
sprintf(“Hello, %s”, “world”)
“Hello %HOME%” =~ s/%(\w+)%/$ENV{$1}/gr
![Page 8: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/8.jpg)
With Template Egine
use Text::Xslate;
my $xslate = Text::Xslate->new();
say $xslate->render(‘hello.tx’, { a => ‘Xslate’);
# where hello.tx contains:
Hello, <: $a :> world!
![Page 9: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/9.jpg)
When to use?
Make HTML pages
Make mail reports
Whenever you build a text with parameters
![Page 10: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/10.jpg)
CPAN Template Engines
Template Toolkit
Mason
HTML::Template (::Pro)
Mojo::Template
Text::Xslate
and more
![Page 11: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/11.jpg)
What is Xslate
![Page 12: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/12.jpg)
Text::Xslate
Heavily inspired in:
Template Toolkit
Text::MicroTemplate
![Page 13: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/13.jpg)
Template Toolkit
or TT2
Super popular
A lot of features and plugins
Easy to learn
XSS vulnerability
![Page 14: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/14.jpg)
Text::MicroTemplate
or TMT
A tiny template engine
Much faster than TT2
Written in pure Perl
Smart escaping (XSS guard)
![Page 15: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/15.jpg)
Smart Escaping (1)
XSS: <a href=”blah”><: $foo :></a>
where $foo is <script>alert(“XSS”)</script>
What does the template engine do?
![Page 16: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/16.jpg)
Smart Escaping
TT2: prints it as is
TMT: prints <script>alert(“XSS”)</script>
escapes HTML meta characters (<, >, &, and etc.)
decides escaping by data type (described later)
means it is safer than writing HTML by yourself
![Page 17: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/17.jpg)
Xslate
100+ times faster than TT2
Smart escaping, the same as TMT
Good for Plack/PSGI
![Page 18: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/18.jpg)
Try Xslate
install: cpanm Text::Xslate
cli: xslate -e ‘Hello, <: $ARGV[0] :>’ Xslate
![Page 19: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/19.jpg)
How to use Xslate
![Page 20: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/20.jpg)
From Perl
use Text::Xslate;
my $tx = Text::Xslate->new();
print $tx->render($file, \%vars);
![Page 21: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/21.jpg)
Variables
<: $foo :> # where $foo is a scalar
<: $foo[0] :> # where $foo is an array ref
<: $foo[“bar”] :> # where $foo is an hash ref
<: $foo.bar(42) :> # where $foo is an object
![Page 22: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/22.jpg)
if, else
<: if $foo { $bar } :>
# shows $bar if $foo looks like true
<: if $foo { :>plain text<: } :>
# separated blocks
<: if $a { } else if $b { } else { } :>
# not elsif
![Page 23: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/23.jpg)
Loops and Special Vars
for $array_ref -> $item { ... } # foreach
for $a -> $item { $~item.count } # specials
$~item.count # 1, 2, 3, ...
$~item.index # 0, 1, 2, ...
$~item.cycle(“a”, “b”) # a, b, a, b, ...
![Page 24: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/24.jpg)
Include
include “foo.tx” # expand the template there
include “foo.tx” { foo => “bar” } # with vars
![Page 25: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/25.jpg)
Template Cascading
a.k.a. template inheritance
more powerful “include”
Like class inheritance
define a default behavior of components
override them in a sub template
![Page 26: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/26.jpg)
Utilities
need: Text::Xslate->new(module => [“Text::Xslate::Bridge::Star”])
and perldoc Text::Xslate::Manual::Builtin
substr(), uc(), lc(), sprintf(), etc, etc
<: function($arg) :> or <: $arg | function :>
![Page 27: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/27.jpg)
From Perl
All the values are automatically escaped
but you can prevent them from escaping:
$vars{foo} = mark_raw($widget)
# where $widget includes HTML tags
# marks it to “show it as is”
![Page 28: Xslate sv perl-2013-7-11](https://reader036.vdocuments.mx/reader036/viewer/2022062418/554fb9f1b4c90542018b471b/html5/thumbnails/28.jpg)
Conclusion
Xslate is a
super fast,
powerful,
and XSS-free template engine