Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
Figuring out what's being viewed in the browser
I’m building a boilerplate for a new project, and I have a chunk of code that — I think — will cover all eventualities of what’s being displayed in the browser. It looks like this:
<txp:if_article_list>
<txp:if_section name="default">
<txp:if_status status="404">
<p>is article list or individual article, is default, is 404</p>
<txp:else />
<txp:if_search>
<p>is search results, is default, not 404</p>
<txp:else />
<txp:if_category>
<p>is category, is default, not 404</p>
<txp:else />
<p>is default, not 404</p>
</txp:if_category>
</txp:if_search>
</txp:if_status>
<txp:else />
<txp:if_status status="404">
<p>is article list, not default, is 404</p>
<txp:else />
<p>is article list, not default, not 404</p>
</txp:if_status>
</txp:if_section>
<txp:else />
<p>is individual article, not 404</p>
</txp:if_article_list>
This seems to work with my testing, but I’m curious what fresh (independent) eyes might find. Have I missed anything, even trivial?
Last edited by gaekwad (2013-11-28 17:08:03)
Offline
Re: Figuring out what's being viewed in the browser
Hi Pete
It seems that the whole code is based on error pages to me. My approach would be to use the error_default template for those “non pages” and the main templates for the content of the site
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Re: Figuring out what's being viewed in the browser
Textpattern uses more error codes than 404. Textpattern’s core invokes total of 6 statuses: 200
, 401
, 403
, 404
, 500
and 503
, and you can respond with any other status using the txp_die tag.
You may not want to mix error templates and your normal templates. Number of tags do not display legitimate results on error pages. For instance section and category tags will return the raw request value that caused the error in the first place, allowing potential XSS vector if those values are ever trusted.
Last edited by Gocom (2013-11-28 20:49:43)
Offline
Re: Figuring out what's being viewed in the browser
Thank you, gentlemen.
Mea culpa, I should’ve clarified: I normally use the exact same page content for default
and error_default
because then the appearance is (largely) uniform across the site, aside from the error messages.
I had missed some of the statuses, so thank you, Jukka. I don’t do anything strange with tags when there are errors thrown, that’s purely so I can tailor the text on screen – certainly nothing that might cause any XSS issues.
Offline
Re: Figuring out what's being viewed in the browser
I went back to the drawing board and rewrote my code.
This code should, if my thinking is correct:
- not doing anything to trigger XSS issues on error pages
- catch articles, article lists, search results and category (search) results
Same as before, it will be used in the default
and error_default
pages to ensure the look-and-feel is similar across error and non-error pages. Here’s the code:
<txp:if_status status="200">
<txp:if_article_list>
<txp:if_section name="default">
<txp:if_search>
<p>is search</p>
<txp:else />
<txp:if_category>
<p>is category</p>
<txp:else />
<p>is homepage</p>
</txp:if_category>
</txp:if_search>
<txp:else />
<p>is article list, not default</p>
</txp:if_section>
<txp:else />
<p>is individual article</p>
<txp:article />
</txp:if_article_list>
<txp:else />
<txp:if_status status="401">
<p>401 error text</p>
</txp:if_status>
<txp:if_status status="403">
<p>403 error text</p>
</txp:if_status>
<txp:if_status status="404">
<p>404 error text</p>
</txp:if_status>
<txp:if_status status="500">
<p>500 error text</p>
</txp:if_status>
<txp:if_status status="503">
<p>503 error text</p>
</txp:if_status>
</txp:if_status>
Assuming articles, article lists, search and category results are taken care of, are there any other things that can be sent to a browser with Textpattern? I’m excluding raw images and files because they don’t have a wrapper, they’re just delivered.
Thank you in advance.
Last edited by gaekwad (2013-11-29 11:12:59)
Offline
Re: Figuring out what's being viewed in the browser
Author lists? (See txp:if_author)
Offline
Re: Figuring out what's being viewed in the browser
Offline
#8 2013-11-29 13:28:52
- uli
- Moderator
- From: Cologne
- Registered: 2006-08-15
- Posts: 4,305
Re: Figuring out what's being viewed in the browser
The only remaining one of these in a URL that might make sense checking will be ?month=nnnn
I assume.
In bad weather I never leave home without wet_plugout, smd_where_used and adi_form_links
Offline
Re: Figuring out what's being viewed in the browser
Textpattern’s core also seems to use 410
status code. Its used when accessing expired articles and Publish expired articles? is set off in the preferences. One of the best way to handle errors is usually by creating separate page templates (error_nnn
), e.g.
- error_default (the fallback used if specific error template doesn’t exist).
- error_401
- error_403
- error_404
- error_410
- error_500
- error_503
This avoids nesting, and keeps the code base module-ish. I usually recommend creating error_403, error_404 and error_503, and leaving error_default ‘empty-ish, plain’. If article expirations are used, creating error_410 might be a good idea too.
Textpattern has few additional parameters that affect the served content:
- context
- m/month
- pg
There are no real tags for those, tho, but you can read the values with page_url and use if_variable/variable to build the conditions.
You can detect file download (errors) with:
<txp:if_section name="file_download">
On file download.
</txp:if_section>
file_download
is the section on file download request.
Last edited by Gocom (2013-11-29 13:37:12)
Offline
Re: Figuring out what's being viewed in the browser
Thank you, sirs – you have been very helpful.
Last edited by gaekwad (2013-11-29 14:28:51)
Offline