Fork me on GitHub
#reagent
<
2015-07-21
>
wei02:07:56

looking for a way to call update on a parent component when a child component updates. any ideas?

gadfly36102:07:24

Maybe you could have whatever is updating the child get passed thru the parent to the child

wei02:07:24

@gadfly361: iā€™m exploring a callback fn of sorts, thanks

borkdude08:07:27

@wei: you can do a callback, but to be honest, I've never needed one in Reagent, whereas in Om I've used plenty

borkdude08:07:34

@wei: but it all depends I guess

Pablo Fernandez08:07:57

I am converting my Luminus generated web app from secretary to silk, and as I follow ks-front-routing-example I notice it uses an atom to store the current route (https://github.com/metosin/ks-front-routing-example/blob/master/src/clj/ks_front_routing/ui/routing.cljs#L10) while Luminus uses the session (https://github.com/luminus-framework/luminus-template/blob/master/src/leiningen/new/luminus/cljs/src/cljs/core.cljs#L53). What are the implications of one vs the other?

wei08:07:17

@borkdude: I ended up not using a callback. found a pure CSS way to achieve what I wanted to do (hide/show animations)

curtosis13:07:12

anyone have a good pointer to an example of wiring liberator to reagent components?

curtosis13:07:48

good example, not good pointer, I mean.

borkdude15:07:08

@curtosis: nothing special, just ajax calls

curtosis15:07:36

ahh, cool, thanks!

curtosis15:07:20

I expect I will also need to sort out the interaction with the csrf wrapping luminus does.

borkdude15:07:17

@curtosis: I solved that using a cookie

curtosis15:07:17

in that project? I'll poke around. šŸ˜

borkdude15:07:28

no, not in that project

borkdude15:07:36

in some other project

borkdude15:07:46

csrf is only triggered with a post when you use something like ring-defaults

borkdude15:07:11

in some other project I made a /csrf end point which I call first, before doing any other posts

borkdude15:07:40

@curtosis: don't know if that's the best way, but it worked in my case. Another way is sending a cookie with the .html page

curtosis15:07:04

hmmm. ok. I do need to do a post (large data) so I may run into it.

curtosis15:07:54

but that's not really reagent-specific.

borkdude15:07:05

not really, but welcome to ask

coyotespike16:07:33

@curtosis: I was told that calling a /csrf end point largely obviates the point of having it. In the end I used Enlive to get the token from the ring-session and put it on the page. Then I used dommy to select it on the client-side, and included it in the POST request headers. May not be the best way to do it, though.

curtosis17:07:53

interesting.... I'll have to look into that. I think last time I poked at it I was having a hard time getting the token in the page headers in the first place. Probably just something stupid on my part.

coyotespike18:07:31

Maybe, but if so, that goes for me too. I was unable to find anything helpful about getting the token from Clojure to ClojureScript - a lot of people assume you'll just serve the token with your form, but that assumption doesn't hold if all your html is client-side.

coyotespike18:07:44

@bostonou helped set me on the right track over email.

curtosis18:07:35

Yeah, I'm not using a classical server-side form either. But I guess the server-side could just stick *anti-forgery-token* somewhere in the page...

coyotespike18:07:37

Here is what I did.

curtosis18:07:40

it seems like a simple thing, but it sort of makes sense that cljs doesn't have access to the headers of the page it's loaded from.

curtosis18:07:13

actually, I bet you could just use a <form> with only the wrap-csrf hidden field tag in it.

coyotespike18:07:00

I haven't extensively tested throwing it in the meta tag, although I think I did try that. I'm curious to see if you figure out a way with <form> suitable for cljs.

curtosis18:07:24

"This middleware should not be applied to handlers that define web services."

coyotespike18:07:54

But it should be used with browsers.

curtosis18:07:33

true.... though it's arguable whether an ajax call is accessing a web service or not. šŸ˜‰

coyotespike18:07:35

Agreed! I'm not clear on which category we should put a client-side web form that uses another function to make an ajax call.

coyotespike18:07:28

But I figured the browser part meant there was some vulnerability which CSRF could help with...just me spitballing...

curtosis18:07:19

I think the issue is primarily some other site triggering a request to your site in the browser, which would include any cookies or privileges you already have, but to do things behind your back. So it's really a question of whether the service depends on browser session for authentication. Again, I think. I quit doing security work for a reason.

coyotespike18:07:01

Ooh, good point. So, does an ajax call depend on the browser session? Inquiring minds want to know... šŸ˜‰

coyotespike19:07:43

I transferred a jar from my Mac to an Ubuntu. On one page, I used if to display one div or another, based on a boolean (it's a Reagent SPA). This doesn't work on the Ubuntu, with the same jar, and Java 8 installed. Everything else works though. My google-fu reveals nothing helpful. Is there some Ubuntu ClojureScript gotcha I should be aware of?

curtosis19:07:42

I believe (but have not tested) that XHR requests include any cookies a normal browser request would include.

curtosis19:07:49

to the same origin, that is.