I am using enlive for my web development. I start my ring server in repl using (serve my-app/handler)
However when I make changes to any of my html templates I have to restart my repl for the changes to show up. How do I reload my markup without restarting the repl ?
Thanks,
Murtaza
You need to reevaluate lines that read the template. For example in my project I would have to reevaluate ("C-x C-e" in Emacs) the following line:
(def table-template (h/html-resource "META-INF/web/table.html"))
If you don't use Emacs you could try require namespace that contains templates with :reload, please see this: force clojure :reload
Related
I have a web application that uses enlive.
If I change an html file used by a template I don't see the changes unless I restart figwheel.
I am using ring.middleware.reload/wrap-reload like this:
(-> routes
(ring.middleware.reload/wrap-reload {:dirs ["src" "resources"]})
...
...but without any effect.
Note that if I change any .clj or .cljs file I don't have to restart the server.
Following the link given by Piotrek I found this project which fixed my issue: https://github.com/kolov/enlive-reload
The fix was to wrap the routes with (wrap-enlive-reload) and now everything works just fine.
I tested site for vulnerables (folder /service-contact) and possible XSS DOM issue came up (using Kali Linux, Vega and XSSER). However, i tried to manually test url with 'alert' script to make sure it's vulnerable. I used
www.babyland.nl/service-contact/alert("test")
No alert box/pop-up was shown, only the html code showed up in contact form box.
I am not sure i used the right code (i'm a rookie) or did the right interpretation. Server is Apache, using javascript/js.
Can you help?
Thanks!
This is Not Vulnerable to XSS, Whatever you are writing in the URL is Coming in Below Form section ( Vraag/opmerking ) . And the Double Quotes (") are Escaped. If you try another Payload like <script>alert(/xss/)</script> That Also won't work, Because this is Not Reflecting neither Storing. You will see output as a Text in Vraag/opmerking. Don't Rely on Online Scanners, Test Manually, For DOM Based XSS ..Check Sink and Sources and Analyze them.
The tool is right. There is a XSS-Vulnerability on the site, but the proof of concept (PoC) code is wrong. The content of a <textarea> can only contain character data (see <textarea> description on MDN). So your <script>alert("test")</script> is interpreted as text and not as HTML code. But you can close the <textarea> tag and insert the javascript code after that.
Here is the working PoC URL:
https://www.babyland.nl/service-contact/</textarea><script>alert("test")</script>
which is rendered as:
<textarea rows="" cols="" id="comment" name="comment"></textarea<script>alert("test")</script></textarea>
A little note to testing for XSS injection: Chrome/Chromium has a XSS protection. So this code doesn't exploit in this browser. For manual testing you can use Firefox or run Chrome with: --disable-web-security (see this StackOverflow Question and this for more information).
I have a Clojure application which process some data in our company. So I want to obtain possibility of its customization throw .myapp.clj file or something like this.
It must be a simple script in clojure in which user can define own data processing principle. Also he must has possibility for tunning http back end and others application parts.
So, what is the best way to implement this fiche?
A couple ways come to mind with varying levels of sophistication. The simplest is to just have each user define a ~/.myall.clj in their home directory and then the start of the program would include a line:
(def per-user-config (load-file "~/.myall.clj"))
load-file reads a file and returns the last form read in the file. This allows you to compose config files nicely. For instance you can make a company wide template that has symbols for things like user-name and then load it from a per-user config file that defines user-name and then calls load-file on the template
config-template.clj:
{:app-name "foo"
:user-url (str "http://server.company:8080/users/" user-name)
:foo "bar"}
joes-config.clj:
(def user-name "joe")
(load-file "resources/global-config.clj")
this allows you to distribute most of the config through git while still allowing users to overwrite any arbitrary part of the config.
I am trying to write/modify a jelly script in Jenkins Email-Ext that returns the build log. I am trying to filter the log with BUILD_LOG_REGEX for regular expressions. Can someone give me a sample script or format for doing build_log_regex using jelly script template? Thanks in advance.
The default template that you can use as your starting point is located in
$JENKINS_HOME/plugins/email-ext/WEB-INF/classes/hudson/plugins/emailext/templates/html.jelly
The ${BUILD_LOG_REGEX} token is used in the Default Content section of email-ext and typically not inside of the Jelly script. To use it, just change your Default Content to reference this token:
The developer of email-ext recommended switching from Jelly to Groovy since they have "more power, its easier to use and you can prototype stuff in the script console to some degree".
See https://wiki.jenkins-ci.org/display/JENKINS/Email-ext+plugin#Email-extplugin-Scriptcontent
You can then look at the source code for BuildLogRegexContent class on how this token is implemented and write code to produce exactly what you want.
I'm using django-html-mumamo-mode in order to manage Django templates in Emacs. Unfortunately, I've searched over the net but didn't find any way to change the HTML indentation from 2 to 4, when this mode is activated.
How can this be done?
Try customizing the variable django-indent-width, for example by adding this to your .emacs file:
(setq django-indent-width 4)