On 06/13/2010 09:31 PM, Caleb James DeLisle wrote:
> I would like to see a (written) best practice of putting all javascript
> content into the head of the
> XHTML document.
>
> Reason 1:
> Moving all script into the head makes it easier to find and makes impossible
> bad (and often non WCAG
> compliant) practices such as attaching script to xml attributes.
> It makes it less of a jungle.
>
> Reason 2:
> If we have no script in the body of any documents then users can implement
> filters which remove any
> script after the</head> tag. This would make script injection certifiably
> impossible.
>
>
> WDYT?
Even if it's not possible to enforce it everywhere, I still think that
it should be a written best practice which should be followed as often
as possible. It's good for the quality of the code, it's less messy, it
makes it easier to find places where javascript is written.
As for code depending on existing content, a practice which works in
most cases is to use certain classes which are used in an
xwiki:dom:loaded script. Even something as complex as the WYSIWYG
initialization might be done with an XML comment or a processing
instruction, which can be parsed (JSON).
<?xwiki-wysiwyg
{
hookId: 'abc',
cacheId: 'xyz',
plugins: ['font', 'color', 'table']
}
?>
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
_______________________________________________
devs mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/devs
