On 28 August 2012 09:57, Tim Starling <tstarling(a)wikimedia.org> wrote:
On 28/08/12 13:04, Daniel Friesen wrote:
I still can't believe the high-level jQuery
answer after all these
years to "Select a div with an id provided by the user" is "Use `$(
"div#" + userInput )` and hope there are no special characters. Or
find some way to escape it yourself." when low-level dom can just
query by ID and there is no reason for jQuery to force people to
express everything in querys they parse when they could actually
declare portions of a query with object notations.
I share your reservations about jQuery, I voiced them at the time it
was introduced to MediaWiki. I trolled the proponents by musing about
how awesome jQuery would be if the selector engine (Sizzle) were removed.
Personally, I would use document.getElementById() to do that. It's
standard, and it's faster and more secure. More complex selectors
derived from user input can be replaced with jQuery.filter() etc. with
no loss of performance.
The selector thing is a query language, and very powerful / abusable.
Pretty much like SQL or any other 4th generation programming language.
Is high level, so you always have the risk of people doing something
weird, but normally allow for JQuery programs to do in 3 lines of code
what normally will take 30 or 50 lines. These 3 lines have less
probability to be bug free, and shows intention better than the low
level enhanced javascript code. The Javascript language is hard in a
non obvious way, and this help is necessary.
--
--
ℱin del ℳensaje.