I know there are a number of "Try It Yourself" JavaScript editors, such as W3School's Try It editor, JSBin, and JSFiddle.
I'm developing a graphical JavaScript library that I'd like to let people try out from my own site (one difference from other editors is that my output would be to a canvas, not an HTML frame). Not wanting to reinvent the wheel, are there established ways for creating a "Try It Yourself" capability that consider issues like DOM-based scripting vulnerabilities?
I know there are a number of "Try It Yourself" JavaScript editors, such as W3School's Try It editor, JSBin, and JSFiddle.
I'm developing a graphical JavaScript library that I'd like to let people try out from my own site (one difference from other editors is that my output would be to a canvas, not an HTML frame). Not wanting to reinvent the wheel, are there established ways for creating a "Try It Yourself" capability that consider issues like DOM-based scripting vulnerabilities?
Share Improve this question asked Jan 9, 2012 at 20:48 David KoelleDavid Koelle 20.8k23 gold badges94 silver badges130 bronze badges 8- 1 JSFiddle just takes the HTML, CSS, and JavaScript you provide and loads it into an iFrame. – gen_Eric Commented Jan 9, 2012 at 20:53
- Similar in that it talks about Try-It editors, but does not get to the development of such an editor: stackoverflow.com/questions/2814453/…, stackoverflow.com/questions/2114160/… – David Koelle Commented Jan 9, 2012 at 20:54
- 3 @David: In the accepted answer of the second question you linked to, a link to JSBin's GitHub repository is provided. Perhaps examining that would be a helpful starting point? – Colin Brock Commented Jan 9, 2012 at 21:01
- 1 @Mark - I would think so, too, but then I come across so much "eval === evil" that I had second thoughts. – David Koelle Commented Jan 9, 2012 at 21:24
- 1 I can't find any established ways either, but if I were to go about reinventing this wheel I would consider sanitizing the code with JSLint (jslint.com) before injecting it into an IFRAME – George Mandis Commented Jan 11, 2012 at 1:25
3 Answers
Reset to default 9A simple design would be a start page with a form containing three textarea's and one iframe. The textarea's contain the html/css and javascript parts, and the iframe contains the result:
<!--index.html-->
<html>
<form method="post" action="tryit-result.php" target="result">
<button>Try it</button>
<table>
<tr>
<td><textarea name="html"></textarea></td>
<td><textarea name="css"></textarea></td>
</tr>
<tr>
<td><textarea name="js"></textarea></td>
<td><iframe src="tryit-result.php" name="result"></iframe></td>
</tr>
</table>
</form>
</html>
The submit is then handled at the server by saving the html/css/scripts to file and then returning a page that references these files, something in the line of:
<!--tryit-result.php-->
<html>
<head>
<style type='text/css'>
<?php echo file_get_contents('css contents')?>
</style>
<script type='text/javascript'>
$(function() {
<?php echo file_get_contents('js contents')?>
});
</script>
</head>
<body>
<?php echo file_get_contents('html contents')?>
</body>
</html>
This doesnt require 2 files at all infact this can be done very easily: For simplicity im just creating a single textarea but you can create 3 textarea if you want to and add prefixes such as <style> or <script> etc
<body>
<textarea id="code" oninput="putcode(this.value)">
</textarea>
<iframe frameborder="0"></iframe>
<script>
var val;
function putcode(val){
document.querySelector("iframe").srcdoc=val;
}
</script>
</body>
You can add further css code to make it prettier but this is quite a basic version of what im trying to explain.and there is no need to worry about security as this is perfectly secure.
Create a simple html page with textarea and iframe first :
<html>
<head>
<script type="text/javascript">
function data_submit()
{
document.form1.txt_data.value= document.form1.txt_html.value;
}
</script>
<title>Try It yourself Online Editor</title>
</head>
<body>
<form name="form1" id="form1" method="post" action="" >
<table width="100%" cellspacing="0" cellpadding="0" border="1">
<tr >
<td>
<input type="submit" name="bt_submit" value="Click to Execute " align="top" onClick="data_submit();"/>
</td>
<td align="center">Output</td>
</tr>
<tr>
<td width="50%" >
<input type="text" name="txt_data" value="" style="visibility:hidden;" />
<textarea rows="35" width="90px" height="550px" cols="77" name="txt_html">
</textarea>
</td>
<td width="50%" style="border-width:10px;border-style:none;">
<iframe height="550px" width="100%" src="try_it.php" name="iframe_a"></iframe>
</td>
</table>
</form>
</body>
</html>
Now code written by the user need to be displayed in the iframe so we need to store the code in a file. Write PHP code to create a file. following is the code create a file.
if(isset($_POST['bt_submit']))
{
$file = "try_it.php";
$fp = fopen($file, 'w');
//Following code will store the content in textarea in a variable which will create a file.
$content = $_POST['txt_data'];
fwrite($fp, $content);
fclose($fp);
}
?>
Following php code is written to display a default output and changed output after submit button is clicked by the user.
<?php
if(isset($_POST['bt_submit']))
{
echo trim($content);
}
else
{
echo "<html>\n";
echo "<body>\n";
echo "<h1>Hello World!!!</h1>\n";
echo "</body>\n";
echo "</html>\n";
} ?>
Now combine all the code and you will get a simple try it yourself editor.