If you can't read please download the document
Upload
goro-fuji
View
6.300
Download
1
Embed Size (px)
DESCRIPTION
My presentation "How Xslate Works" at YAPC::Asia Tokyo 2010
Citation preview
2. Who am I?
3. @__gfx__ (twitter) I love...
4. Perl/XS 5. Moose/Mouse (as Any::Moose) 6. Agenda
7. How Xslate works
8. Why so fast Futures (TODOs) 9. Information 10. What is Xslate?
11. Written in XS
Fast, safe, easy to enhance 12. Multi-syntaxes (esp. TT-like syntax) 13. Kind error messages 14. What are template engines?
15. my $var = sprintf 'Hello, %s world', $foo; # Text::ClearSilver (requested by id:craftworks)
however, ClearSilver is not perfect 35. Thus, use Text::Xslate!
36. Xslate is at least the fastest, the most safe in the template engines on CPAN 37. Tutorial
38. new() accepts:syntax(template syntax) ,module(function-based modules),function(additional functions),path(include path),cache(caching level),cache_dir(used for caches) 39. render() returns a rendered text; cannot output to filehandles directly, nor set calbacks (unlike TT) 40. See alsoText::XslateandText::Xslate::Manual 41. Simplest example #!perl -w use 5.10.0; use strict; use Text::Xslate; my $tx= Text::Xslate-> new (); my %vars = ( lang => 'Xslate', ); # or $tx-> render ($file, vars); say $tx-> render_string ( $item {
= : }: include 'foo.tx' { bar => 'overrided' } :# See also ` perldoc Text::Xslate::Syntax::Kolon ` 43. Demo
xslate -e 'Hello, ' Xslate 44. xslate -s TTerse -e '[% ARGV.0 %]' 'Hi, TTerse' 45. See also example files inText-Xslate/example/ 46. Details
47. Safe (XSS tolerance and ristriction) 48. Multi-syntaxes
49. TTerse 50. Clevery Enhancement 51. Template cascading 52. Performance (1) RunText-Xslate/benchmark/x-rich-env.pl! 53. Performance (2)
54. based on benchmarks with Template::Benchmark Accoding to this report, Xslate is fastest on the 'instance_reuse' condition 55. i.e.Persistent PSGI applicationswill take the best performance 56. Safe (1)
57. a type of computer security vulnerability typically found inweb applicationsthat enables malicious attackers toinject client-side script into web pagesviewed by other users.(by Wikipedia) 58. Safe (2)
Problem: TT2 requiresexplicitescaping
59. Safe (3)
60. ->Text::MicroTemplate, Text::Xslate 61. This is XSS tolerance 62. Modern template engines (not only in Perl) should have XSS tolerance, and in fact do so. 63. How to write safe templates
64. Escape $foo in perl code, because whether $foo is escaped or not is obscure from templates 65. The 'raw' filter is provided only for string literals 66. Multi-syntaxes
67. TTerse TT2 compatible 68. Clevery Smarty (in PHP) compatible 69. Kolon
70. All the features are supported 71. Most optimized 72. TTerse
73. Available by default 74. More ristricted than the original TT2 75. No plugins, exceptions, nor mysterious features 76. As good as Kolon to run-time performance 77. Highly compatible, but diffrent to the basics of escaping mechanism 78. Clevery
79. Need to install Text::Clevery 80. With some overhead Clevery Clevery 81. Enhancement
Function-based modules
82. No plugin namespaces are required 83. Template cascading
More powerful than the 'include' command 84. Only available inKolon 85. See alsoText-Xslate/example/{cascade.pl,cascade,tx,base.tx} 86. How Xslate works
87. Parsing 88. Compiling
Executing Why so fast 89. Execution Process print $foo; fetch_s "foo" print end print $foo Virtual Machine { foo => 'bar' } bar" 90. Preprocessing
91. So convert to that first: 92. " print_raw 'Hello, '; print $lang; print_raw ' world!' " 93. See&T::X::Parser::preprocess 94. Parsing
95. Using Top Down Operator Precendence method 96. Explained in Beautiful Code (O'REILLY) 97. " It is easy to use. It feels a lot like Recursive Descent, but with the need for less code and with significantly better performance. ", Douglas Crockford introduced there. 98. See alsohttp://javascript.crockford.com/tdop/ 99. Top Down Operator Precedence
100. Templates -> Tokens (string) -> Symbols (T::X::Symbol) -> Nodes (T::X::Symbol) 101. Symbols (e.g. '+' for infix:) know what they do 102. One easily can extend parsers by adding symbols 103. The parser entry point is&T::X::Parser::statements 104. The heart of TDOP
105. nud : null denotation (for objects and prefixes) 106. led : left denotation (for infixes and postfixes) A "denotation" is a method called by statements() 107. Statement Denotation
sub std_while { my($parser, $symbol) = @_; # $symbol represents 'while' my $proc = $symbol->clone( arity => 'while' # node type ); $proc->first( # set first child $parser->expression(0) ); $parser->pointy($proc); # parse return $proc; } 108. Null Denotation
# '(' expr ')' sub nud_paren { my($parser, $symbol) = @_; # $symbol is '(' my $expr = $parser->expression(0); # $symbol->conterpart is ')' $parser->advance( $symbol->counterpart ); return $expr; } 109. Left Denotation
sub led_infix { my($parser, $symbol, $left) = @_; return $parser->binary( $symbol, $left, $parser->expression( $symbol->lbp) ); } 110. Compiling
111. Bytecodeis a serialized sequence ofopcodes
112. print_raw_s "Hello, " 113. fetch_s "lang" 114. print 115. print_raw_s " world!" 116. end Also perform optimization 117. Saveing/Loading Bytecode
UsingData::MessagePackfor serialization
118. Like JSON, but fast and small 119. See alsohttp://msgpack.org/ 120. Assembling
121. Using the direct threaded code paradigm 122. Executing
123. An opcode (e.g. 'fetch_s') is a block of code with an argument (a sv, int, or address of opcode) 124. e.g. ($a is a register, $out is the reuslt)
125. print# $out .= $a 126. Execution Process print $foo; fetch_s "foo" print end print $foo Virtual Machine { foo => 'bar' } bar" 127. Why so fast
128. Virtual Machine paradigm
HTML escaping 129. Preallocation of the output buffer 130. Optimizing bytecode
131. (->compile->) noop Injection of cascading templates
132. Thus, you cannot pass variables to 'cascade' $ ack -i 'optimize' lib/Text/Xslate/Compiler.pm 133. Virtual Machine
134. Register machine (two registers + one stack) 135. Direct Threaded Code
136. HTML Escaping
137. Using highly optimized routines (kazuho++)
138. tx_sv_cat_with_html_escape_force() atText-Xslate/xs/Text-Xslate.xs Experimental hacks for Text::MicroTemplate:
139. Preallocation
140. Then 141. First: Save the size of a template 142. Later: Preallocate the buffer with the saved size 143. Futures
144. Context controls 145. Augoment block modifiers 146. More template syntaxes 147. Xslate in WAF 148. Loop controls
149. 10 :> in Kolon 150. [% LAST IF a > 10 %] in TTerse 151. Context controls
152. postfix:?
postfix:?
Any ideas? 153. Augment Block Modifiers
154. 'augment' like block modifiers are requested 155. More templat syntaxes
156. Django (in Python) 157. Jinja (in Python) 158. Any ideas? 159. Xslate in WAF
160. MojoX::Renderer::Xslate for Mojo 161. Dancer::Template::Xslate for Dancer 162. Amon uses Xslate via Tiffany More examples are required!
163. Information
164. Web+DB Press Vol.59 165. Vote me! Mac Book Pro(>_