Introduction
Hello! ð
In the ever-evolving landscape of web development, where the lines between server and client-side scripting blur,...
For further actions, you may consider blocking this person and/or reporting abuse
Yep really like htmx. I added alpine.js for the small bits of interactivity I need where it would be overkill to talk to the server
I didn't know about alphine! Thanks for telling me, I'll give it a look :)
HTMx is a good tool but it lacks several other functionalities, in my opinion is just jQuery improved.
If you are curious about functional programming I highly recommend Elixir and Phoenix LiveView.
reddit.com/r/elixir/comments/198cg...
Here is an interview with Jose and he talks about HTMx and Hotwire meaning that they are Imperative tools.
If everything is in HTML, wouldn't the user be able to make changes to the HTML to change especially things like a PHP script to trigger? It seems dangerous if the random script name somehow triggered something in the backend
If user can make HTML, that would be vulnerable. Usually, there is an escaping feature on most common templating languages anyway. Escaping the user content would be enough to prevent that.
If some HTML or anything rendered to HTML is necessary, the developers need to allow only safe attributes. It is like how to prevent XSS in traditional web applications.
good point