It's 2022 and sadly I'm learning AngularJS (already past end of life!)
I need need to use what might be called a dynamic element/component. Pseudocode example:
In controller:
this.theElementName = 'b';
In the template:
<{{$ctrl.theElementName}}>this is some text</{{$ctrl.theElementName}}>
I would want this to create <b>this is some text</b>.
The reason is that I want to generate an array of different directives to render, and I don't want code like:
<b ng-if="$ctrl.theElementName === 'b'">this is some text</b>
<div ng-if="$ctrl.theElementName === 'div'">this is some text</div>
<directive-abc ng-if="$ctrl.theElementName === 'directive-abc'">this is some text</directive-abc>
...
In Svelte, it's
<svelte:element this={theElementName} />
In Vue it's
<div :is="theElementName" />
EDIT: in response to the reluctant 'that person', clarifying the use-case
Consider a user-configurable UI. The result of the configuration might be an array list of components desired. I would then need to loop and output those different components in my template. Of course the components would need a standard interface for properties passesd in, events emitted etc. but that can all be designed for.
My code could do a big switch statement, but that requires prior knowledge of every possible component that might be used now or in the future. By doing it the way I intend to, however, a future person could add a component without needing to touch this code.
You can write directive my-directive to use:
<div my-directive="$ctrl.theElementName">...
to generate:
<div><component-a>...
<div><component-b>...
<div><component-c>...
All directive should do is to generate html string and compile it:
element.append($compile('<' + scope.myDirective + '>...')(scope))
(also remember to update content in onChanges if you want to support it)
Directive may also copy certain/all attributes from original element etc.
P.S. you should be cautious e.g. if component name comes from database that may allow injections.
Not a brilliant solution, but documenting what is more of a workaround.
ng-include can be used to source another template file. That file can contain the component you need to include.
<ng-include src="'/path/to/' + theElementName + '.html'"></ng-include>
What I have
I'm using the FormController to create inputs. A specific input will be frequently updated by Javascript for internal purposes and I want it hidden. In this case, I can't use type="hidden", instead it needs to be type="text" so that it won't be checked by the form tampering prevention when submitted.
What I tried
Adding 'hidden' => true to $this->Form->create() options works if the whole form needs to be hidden. That exact attribute doesn't seem to be working for individual inputs though, created using both $this->Form->input() and $this->Form->control()
For a specific input, first thing that comes to mind is adding 'style' => 'display:none' to its options, but that does not seem like a clean CakePHP-way solution
I think I've seen someone mention a way to do exactly that here. I think it was an attribute you'd add to the options. I searched around my answers and comments, using both this site and Google, but found nothing.
Please advise!
You can create a hidden input and make it exempt from form security in case required, either by unlocking the field via the unlockField() method:
$this->Form->unlockField('field_name');
echo $this->Form->hidden('field_name');
or by passing false or 'skip' for the secure option:
echo $this->Form->hidden('field_name', ['secure' => false]);
echo $this->Form->hidden('field_name', [
'secure' => \Cake\View\Helper\FormHelper::SECURE_SKIP
]);
See also
Cookbook > Views > Helpers > Form > Working with SecurityComponent > unlockField()
By default, HTML Purifier adds an alt attribute to each img tag (really annoying behavior). So
<img src="123.jpg" />
becomes
<img src="123.jpg" alt="123.jpg" />
Documentation mentiones an Attr.DefaultImageAlt option. It defaults to NULL meaning to use the basename of the src attribute for the alt. When I set Attr.DefaultImageAlt to an empty string the result becomes
<img src="123.jpg" alt="" />
Anyone can suggest how to get rid of the alt attribute completely?
What you're observing stems from that the alt attribute is mandatory for img tags according to the standards, and HTML Purifier takes the standards into account.
That means HTML Purifier, unless you tweak its fundamental HTML handling behaviour (be it by patching HTML Purifier, or by overriding its understanding of certain tags or attributes), cannot be made to leave away the alt= attribute.
(Browsers actually have a similar behaviour, though it may not be as apparent - if you remove alt=, they will still have an internal alt= value that they use instead.)
If this information doesn't change your opinion on how to handle the attribute, read on:
Patching
(i.e. changing the behaviour by changing the HTML Purifier source code.)
If you want to patch HTML Purifier to allow alt to be absent, you should patch library/HTMLPurifier/AttrTransform/ImgRequired.php. You can also see how the Attr.DefaultImageAlt directive is used there - if you supply a value of null (rather than an empty string), part of the filename will be used as the alt value.
Overriding
(i.e. changing the behaviour without changing the HTML Purifier source code.)
If you want to override the HTML Purifier behaviour, check out the Customize! documentation on the HTML Purifier site.
Without having tested it, I believe you need to make two changes to override the behaviour you see:
1) Make alt non-mandatory:
$htmlDef = $this->configuration->getHTMLDefinition(true);
$htmlDef->addAttribute('img', 'alt', new HTMLPurifier_AttrDef_Text());
The lack of * should help you there.
2) Remove or replace the ImgRequired attribute-transformation.
You can see that the HTMLPurifier_AttrTransform_ImgRequired class ends up getting registered to both $htmlDef->info_attr_transform_post['img'] and $htmlDef->info_attr_transform_pre['img'] in library/HTMLPurifier/HTMLModule/Image.php. You should be able to do something like this:
$htmlDef->info_attr_transform_pre['img'] = array();
$htmlDef->info_attr_transform_post['img'] = array();
// You can *replace* the old behaviour with your own by writing
// your own class and loading it here:
// $htmlDef->info_attr_transform_pre['img'][] = new YourOwnClass();
// $htmlDef->info_attr_transform_post['img'][] = new YourOwnClass();
There may be some roadblocks on the way to getting this to work (e.g. the class may be registered somewhere subtly different that I just said it would be - it's been a few years since I tinkered with HTML Purifier on this level!), but this should set you on a good path to getting your hands dirty on HTML Purifier code. :)
I have a text editor (textAngular) that I've modified to limit the number of valid HTML tags I can generate using that tool. Now, I want to only support a limited number of HTML elements (h3, h4, h5, h6, ol, ul) to produce a news story but I want to disable some of the valid HTML rendered by ng-bind-html. Namely, I want to remove , tags as a valid tags because they could have disastrous results for this user generated content.
Is it possible to remove and tags as something rendered by ng-bind-html?
Unfortunately no, it isn't possible to config the valid HTML tags.
The ng-bind-html use the $sanitize service to strip invalid tags/attributes, and you can see in the source code that all the configurations are private.
// Safe Block Elements - HTML5
var blockElements = angular.extend({}, optionalEndTagBlockElements, makeMap("address,article," +
"aside,blockquote,caption,center,del,dir,div,dl,figure,figcaption,footer,h1,h2,h3,h4,h5," +
"h6,header,hgroup,hr,ins,map,menu,nav,ol,pre,script,section,table,ul"));
// Inline Elements - HTML5
var inlineElements = angular.extend({}, optionalEndTagInlineElements, makeMap("a,abbr,acronym,b," +
"bdi,bdo,big,br,cite,code,del,dfn,em,font,i,img,ins,kbd,label,map,mark,q,ruby,rp,rt,s," +
"samp,small,span,strike,strong,sub,sup,time,tt,u,var"));
If you really want it, one way you could do is to copy the angular-sanitize.js and modify the valid HTML tags configuration directly.
Please note that if you do it that way, all the ng-bind-html in your entire application will be also affected. If that is undesired, you have to write your own custom directive and inject/use your modified version of $sanitize instead.
If you're into modifying textAngular already, you could modify something around the taCustomRenderers Section of the code and use ta-bind instead of ng-bind-html. They do nearly the same thing except ta-bind runs all the extra renderers.
Custom Renderers Code: textAngularSetup, textAngular - probably in this one you can do your stripping out of unwanted code.
I've just started using cakephp elements and they're awesome (I used to use include).
I have an element gallery and an element called comments (for a certain page) and for them I have some javascript code attached to both of them. Do you have any suggestions on how I could include that javascript code in the element? If I simply add it like that it will load javascript before loading the html after the element and I don't think it's very wise.
You could put the Javascript code directly into the element file, or put the Javascript code in into your webroot folder, <cake directory>/app/webroot/js/ and include the file in your layout by using the HTML helper:
echo $html->script("myCode");
If you're worried about the Javascript code executing before the page has completely loaded, then use window.onload or $(document).ready() if you're using JQuery.
If I understand you correctly, you want to have JS specific to a page loading in the header when you call a certain element, but that the JS could be different for each element. You also want the JS to be referenced at the beginning of your HTML document.
This is actually quite easy to do. Just make sure that you have <?php echo $scripts_for_layout; ?> in you <head> tag in the layout you are using.
Then, within the element, just do:
<?php $this->Html->script("js_file", array("inline"=>false)); ?>
js_file is the name of your JavaScript file in app/webroot/js/. In this case, the file would be called js_file.js but you must leave off the .js when referencing it as above.
It doesn't matter where abouts in the element file you put this because the "inline"=>false part ensures it won't actually appear at that stage in the code. Instead, it will appear in the <head> wherever you put <?php echo $scripts_for_layout; ?> in your layout.
In cakephp 3 instead of array('inline' => false) you should use array('block' => true) if anyone is looking for that answer like I was.