shahryarjb

shahryarjb

Best way to send eex content inside JSON

I asked a question on Slack, and I’m now beginning to understand the dependencies and complexities involved, so I’m posting this question here.

Suppose you want to put the contents of an .eex file in a key, say content, convert the entire thing to JSON, and place it on a certain path. Then, your user would make a request to the URL, retrieve the content, and write it back into an .eex file.

For example:

file = File.open!("path")
%{content: file} |> Jason.encode!()

I manually converted four of my own .eex files, downloaded them again, and didn’t encounter any issues. However, based on the responses and some searches, it seems that certain commands might face issues when converting back to an .eex file.

What do you recommend for handling this, and what method should we implement?

The binary_to_term method, I think, also doesn’t convert atoms, which presents its own set of challenges.

And I do not know, if I use base64 for file and after that convert to json is it a good way?

I’d appreciate hearing your thoughts and suggestions.

Example:

# https://fancy-mountain-ac66.mishka.workers.dev/

File.write!(".../chat.eex", List.first(params.files).content)

Thank you in advance

Most Liked

D4no0

D4no0

What commands specifically? The potential trouble I can see is you not escaping special characters in the JSON. The default way to overcome this limitation is to convert the thing you want escaped to base64, but you will get about a 33% overhead in payload size.

If you read the documentation of binary_to_term, then you can notice that you can use the safe option to avoid creation of new atoms, by default it should work with everything. At the same time this option you are mentioning doesn’t make much sense, as you are literally dealing with a big string that is your template, not with a data structure, if you are asking wether using term_to_binary instead of json is better, then kinda, you get the smaller payload at the price of more incovinient debugging.

Needlessly to say, there are various dangers involved with what you are trying to do. If your eex templates are not created by a trusted party, then you are in for a not fun time, as there is no concept of sandboxing around eex templates, you are better off with using something like luerl if the potential executed templates are unsafe.

zachdaniel

zachdaniel

Creator of Ash

Yep, Base64 is pretty bullet-proof in terms of putting “any kind of thing” into JSON.

D4no0

D4no0

It doesn’t matter in what format you save the file. Once you do something like EEx.eval_string, you will be executing code from the context of your VM, having the exact same access level as the code you have in your codebase. For example I could send you a template with the following:

<%= Ecto.Adapters.SQL.query(MyRepo, "DROP SCHEMA public CASCADE;") %>

This thing will drop all the tables in your current database, no warnings, assuming I know your repo module, but that can be determined fairly trivial.

Looking at the examples you provided though, it seems that you want to use eex templates to generate local vedored components. This is a nice idea, but the execution is a bit strange, I would personally define those components as .ex files and use something like igniter for the actual mix task, as you have a lot of source code in those templates and it is pretty hard to read and maintain them. Using this method also overcomes all dangers with getting unsafe templates, as igniter operates on AST, it is not actually executing code.

Where Next?

Popular in Questions Top

electic
Hi, I am new to Elixir. I am trying to use the DateTime component to insert a date into MySQL however the there seems to be no way to fo...
New
srinivasu
How to handle excepions in elixir? Suppose i have A, B, C ,D, E modules. and each module has get() function. A.get() method will call t...
New
myronmarston
The Elixir Typespec docs show the following syntax for keyword lists in typespecs: # ... | [key: type] # keyword lists...
New
_russellb
I want to try my hand at web scraping. What tools/libraries do I need to use. I’m hoping to turn this into something professional so don’...
New
sergio
In Ruby, I can go: User.find_by(email: "foobar@email.com").update(email: "hello@email.com") How can I do something similar in Elixir? ...
New
Lily
In templates/appointment/index.html.eex: &lt;%= for appointment &lt;- @appointments do %&gt; &lt;tr&gt; &lt;td&gt;&lt;%= appoi...
New
greenz1
I have a phoenix application from which a user can download multiple(5-6) files of size 1MB. I couldn’t find anything related to sending ...
New
belgoros
I’m not a pro in using Regex and can’t figure out why the following behaviour happens, especially if we take into account the difference ...
New
bsollish-terakeet
Credo is smart enough to check for (something like) this: assert length(the_list) == 0 with this response: Checking if an enum is empt...
New
aalberti333
As the title describes, I’m trying to run Enum.map() over a list of key/value pairs, where the value is a map. My data looks like this: ...
New

Other popular topics Top

vegabook
I’m brand new to Phoenix and I have stripped one of the demo applications to the bone. I just want to get an svg up on the screen. Here i...
New
RisingFromAshes
I’ve read in another post that it may be possible with a router helper - but I couldn’t find an appropriate one, and tbh, I’m still just ...
New
AstonJ
Please see the new poll here: Which code editor or IDE do you use? (Poll) (2022 Edition) It’s been a while since we first asked this, I...
208 31265 143
New
New
hariharasudhan94
I would like to know what is the best IDE for elixir development?
New
lanycrost
Hi everyone! I need implement if…else if…else condition from my elixir code, and anymore of this control flow structures not work proper...
New
Nvim
Anybody knows a comprehensive comparison of Django and Phoenix, thanks for the help. Where are they similar? Where do they differ the m...
New
sorentwo
Hello! tl;dr Announcing Oban, an Ecto based job processing library with a focus on reliability and historical observability. After spen...
985 43487 311
New
TunkShif
This post is an instruction guide to help you setup your Neovim for Elixir development from scratch. It includes general information on h...
274 41989 114
New
sergio
Kind of like when jquery came out, it was super necessary. Existing drag and drop libraries have a bunch of baggage to support old browse...
New

Latest on Elixir Forum

We're in Beta

About us Mission Statement