JSON makes very good use of Javascript’s literal object notation. But it’s a consequence of this fact that a JSON message can conveniently be processed by reading it into a variable and then running eval on the variable. [...] The moment you do this, of course, you expose your code to a Javascript injection attack.

• Michael Sperberg-McQueen | Messages in a bottle

I'm really enjoying Michael Sperberg-McQueen's klog. I hope he keeps it up.

Camping is great, yeah. JQuery too. Maybe you want to use them together? Here's how.

First, you need to set up a route for your JQuery. I've talked about sending static files with Camping before, so this is just a modification of that. [You can serve static files more sensibly than setting up a route for each type. Maybe one day I'll write about that.]

In your controller:

module MyApp::Controllers class Index < R '/' def get render :index end end class JQuery < R '/resources/jquery.js' def get currentdir = File.expandpath(File.dirname(FILE)) @headers['Content-Type'] = "text/javascript" @headers['X-Sendfile'] = "#{current_dir}/resources/jquery.js" end end end

Now you have to get the JQuery library in your view.
module MyApp::Views def layout html do head do title 'Using JQuery in Camping' end body { self << yield } end end def index script :src => R(JQuery), :type => 'text/javascript' script do ' $(document).ready(function() { alert("Hello world!"); }); ' end end end

The call to the R function creates the URL for the JQuery library. Now you can embed any JQuery yumminess that you want, right there in your view.