Skip to content

Instantly share code, notes, and snippets.

@barelyknown

barelyknown/unobtrusive_poller.js.coffee

Last active April 25, 2019 21:01
Show Gist options
  • Star 5 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
  • Save barelyknown/7391243 to your computer and use it in GitHub Desktop.
Save barelyknown/7391243 to your computer and use it in GitHub Desktop.
Download ZIP
Unobtrusive JavaScript solution for polling in a Rails application
Raw
unobtrusive_poller.js.coffee
###
Unobtrusive JavaScript solution for polling in a Rails application
Introduction:
Add a polling-placeholder wrapper div to any partial and add a data attribute
named poll that should be equal to "true" until you want to stop polling.
The default polling frequency will be used unless you provide an "interval" data
attribute which should be the number of milliseconds to use for the interval.
The name of the partial to render should be provided in the url params.
Example partial:
<div class="polling-placeholder">
<div id="foo_1" class="object" data-poll="true" data-url="/foo/1?partial=bar" data-interval="500">
<p>Hello World</p>
</div>
</div>
Example controller:
class FooController < ApplicationController
def show
@foo = Foo.find(params[:id])
respond_to do |format|
render partial: "foos/#{params[:partial]}", locals: { foo: @foo }
end
end
end
###
class Poller
constructor: (@div) ->
interval: ->
$(@div).data("interval") ? 3000
url: ->
$(@div).data("url")
start: ->
@intervalId = setInterval(@request, @interval())
request: =>
$.ajax(url: @url(), dataType: "script").always (data) =>
@replace(data.responseText) if data.status == 200
replace: (responseText) ->
placeholder = $(responseText)
partial = $($(responseText).html())
$("div#" + $(@div).attr("id")).closest("div.polling-placeholder").html(placeholder.html())
@stop() unless partial.data("poll")
stop: ->
clearInterval(@intervalId)
$ ->
$("div[data-poll='true']").each (i, div) ->
new Poller(div).start()
@eliotsykes
Copy link

eliotsykes commented Dec 15, 2017
edited

@barelyknown Thanks for the polling code (very useful!). Unfortunately I've caught the ruby code in the comments being used elsewhere to almost introduce a vulnerability into an app. It allows an attacker to manipulate what file is rendered.

(More on the vulnerability here for visitors interested in such things: https://www.owasp.org/index.php/Ruby_on_Rails_Cheatsheet#Dynamic_Render_Paths)

Suggested docs to remove the vulnerability:

Add a polling-placeholder wrapper div to any partial and add a data attribute
named poll that should be equal to "true" until you want to stop polling.
The default polling frequency will be used unless you provide an "interval" data
attribute which should be the number of milliseconds to use for the interval.
The URL to render should be provided in the url params.

Example partial:
<div class="polling-placeholder">
  <div id="foo_1" class="object" data-poll="true" data-url="/foo/1" data-interval="500">
    <p>Hello World</p>
  </div>
</div>

Example controller:
class FooController < ApplicationController
  def show
    @foo = Foo.find(params[:id])
    render partial: "foos/bar", locals: { foo: @foo }
  end
end

@mavu
Copy link

mavu commented Apr 6, 2018

Has anyone successfullyh used this in a rails 5 application with turbolinks in production mode?
It works fine in development, but does not in production. I suspect it to be some kind of turbolinks related issue, and tried

$(document).on('turbolinks:load', ->
to load it, but that does not work either.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment