JSON makes very good use of Javascript’s literal object notation. But it’s a consequence of this fact that a JSON message can conveniently be processed by reading it into a variable and then running eval on the variable. [...] The moment you do this, of course, you expose your code to a Javascript injection attack.

• Michael Sperberg-McQueen | Messages in a bottle

I'm really enjoying Michael Sperberg-McQueen's klog. I hope he keeps it up.

Camping is great, yeah. JQuery too. Maybe you want to use them together? Here's how.

First, you need to set up a route for your JQuery. I've talked about sending static files with Camping before, so this is just a modification of that. [You can serve static files more sensibly than setting up a route for each type. Maybe one day I'll write about that.]

In your controller:

module MyApp::Controllers
  class Index < R '/'
    def get
      render :index
    end
  end
  class JQuery < R '/resources/jquery.js'
    def get
      current<em>dir = File.expand</em>path(File.dirname(<strong>FILE</strong>))
      @headers['Content-Type'] = "text/javascript"
      @headers['X-Sendfile'] = "#{current_dir}/resources/jquery.js"
    end
  end
end

Now you have to get the JQuery library in your view.

module MyApp::Views
  def layout
    html do
      head do
        title 'Using JQuery in Camping'
      end
      body { self << yield }
    end
  end
  def index
    script :src => R(JQuery), :type => 'text/javascript'
    script do '
      $(document).ready(function() {
          alert("Hello world!");
      });
      '
    end
  end
end

The call to the R function creates the URL for the JQuery library. Now you can embed any JQuery yumminess that you want, right there in your view.