Fork me on GitHub

looking for a way to call update on a parent component when a child component updates. any ideas?


Maybe you could have whatever is updating the child get passed thru the parent to the child


@gadfly361: iā€™m exploring a callback fn of sorts, thanks


@wei: you can do a callback, but to be honest, I've never needed one in Reagent, whereas in Om I've used plenty


@wei: but it all depends I guess

Pablo Fernandez08:07:57

I am converting my Luminus generated web app from secretary to silk, and as I follow ks-front-routing-example I notice it uses an atom to store the current route ( while Luminus uses the session ( What are the implications of one vs the other?


@borkdude: I ended up not using a callback. found a pure CSS way to achieve what I wanted to do (hide/show animations)


anyone have a good pointer to an example of wiring liberator to reagent components?


good example, not good pointer, I mean.


@curtosis: nothing special, just ajax calls


ahh, cool, thanks!


I expect I will also need to sort out the interaction with the csrf wrapping luminus does.


@curtosis: I solved that using a cookie


in that project? I'll poke around. šŸ˜


no, not in that project


in some other project


csrf is only triggered with a post when you use something like ring-defaults


in some other project I made a /csrf end point which I call first, before doing any other posts


@curtosis: don't know if that's the best way, but it worked in my case. Another way is sending a cookie with the .html page


hmmm. ok. I do need to do a post (large data) so I may run into it.


but that's not really reagent-specific.


not really, but welcome to ask


@curtosis: I was told that calling a /csrf end point largely obviates the point of having it. In the end I used Enlive to get the token from the ring-session and put it on the page. Then I used dommy to select it on the client-side, and included it in the POST request headers. May not be the best way to do it, though.


interesting.... I'll have to look into that. I think last time I poked at it I was having a hard time getting the token in the page headers in the first place. Probably just something stupid on my part.


Maybe, but if so, that goes for me too. I was unable to find anything helpful about getting the token from Clojure to ClojureScript - a lot of people assume you'll just serve the token with your form, but that assumption doesn't hold if all your html is client-side.


@bostonou helped set me on the right track over email.


Yeah, I'm not using a classical server-side form either. But I guess the server-side could just stick *anti-forgery-token* somewhere in the page...


Here is what I did.


it seems like a simple thing, but it sort of makes sense that cljs doesn't have access to the headers of the page it's loaded from.


actually, I bet you could just use a <form> with only the wrap-csrf hidden field tag in it.


I haven't extensively tested throwing it in the meta tag, although I think I did try that. I'm curious to see if you figure out a way with <form> suitable for cljs.


"This middleware should not be applied to handlers that define web services."


But it should be used with browsers.


true.... though it's arguable whether an ajax call is accessing a web service or not. šŸ˜‰


Agreed! I'm not clear on which category we should put a client-side web form that uses another function to make an ajax call.


But I figured the browser part meant there was some vulnerability which CSRF could help with...just me spitballing...


I think the issue is primarily some other site triggering a request to your site in the browser, which would include any cookies or privileges you already have, but to do things behind your back. So it's really a question of whether the service depends on browser session for authentication. Again, I think. I quit doing security work for a reason.


Ooh, good point. So, does an ajax call depend on the browser session? Inquiring minds want to know... šŸ˜‰


I transferred a jar from my Mac to an Ubuntu. On one page, I used if to display one div or another, based on a boolean (it's a Reagent SPA). This doesn't work on the Ubuntu, with the same jar, and Java 8 installed. Everything else works though. My google-fu reveals nothing helpful. Is there some Ubuntu ClojureScript gotcha I should be aware of?


I believe (but have not tested) that XHR requests include any cookies a normal browser request would include.


to the same origin, that is.