Exposing a node.js variable to the clientHow do I debug Node.js applications?How do I get started with Node.jsWriting files in Node.jsHow do I pass command line arguments to a Node.js program?Check synchronously if file/directory exists in Node.jsRead environment variables in Node.jsHow to decide when to use Node.js?How to exit in Node.jsWhat is the purpose of Node.js module.exports and how do you use it?How to get GET (query string) variables in Express.js on Node.js?
Grammar Question Regarding "Are the" or "Is the" When Referring to Something that May or May not be Plural
Is it possible to build VPN remote access environment without VPN server?
What is the largest (size) solid object ever dropped from an airplane to impact the ground in freefall?
Construct a word ladder
Where have Brexit voters gone?
When and what was the first 3D acceleration device ever released?
R-Squared for a non linear curve
How to use " shadow " in pstricks?
How to Pin Point Large File eating space in Fedora 18
How can I tell if I'm being too picky as a referee?
Have 1.5% of all nuclear reactors ever built melted down?
Is the field of q-series 'dead'?
My employer faked my resume to acquire projects
Reduction from Exact Cover to Fixed Exact Cover
In general, would I need to season a meat when making a sauce?
Why does this if-statement combining assignment and an equality check return true?
pic versus macro in TikZ
Use backslash or single-quotes for field separation
Why colon to denote that a value belongs to a type?
Where is the logic in castrating fighters?
How did these characters "suit up" so quickly?
Why are C64 games inconsistent with which joystick port they use?
Website returning plaintext password
What is Theresa May waiting for?
Exposing a node.js variable to the client
How do I debug Node.js applications?How do I get started with Node.jsWriting files in Node.jsHow do I pass command line arguments to a Node.js program?Check synchronously if file/directory exists in Node.jsRead environment variables in Node.jsHow to decide when to use Node.js?How to exit in Node.jsWhat is the purpose of Node.js module.exports and how do you use it?How to get GET (query string) variables in Express.js on Node.js?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
I would like to expose a node.js server variable to the client. I am trying to get express-expose to work.
I am not sure how to initialise and use that library.
In the express-expose guide the usage doesn't make sense
var express = require('express');
var expose = require('express-expose');
app = expose(app);
app.expose(...);
how can I use app in 'expose(app') before it was initialised ?
I used
const app = expose(express());
app.expose('var some = "variable";','head');
but that doesn't seem to work either.
Can anyone supply me please with an example that initialises the express-expose library and exports var 'some' to the client ?
(By exposing to the client I mean it will be available to all my javascript files as a global variable so that I could do 'console.log(some);' and it would print its value)
node.js express pug
edited Mar 24 at 6:00
molamk
2,7661518
asked Mar 24 at 5:33
YaronYaron
5017
add a comment |
I would like to expose a node.js server variable to the client. I am trying to get express-expose to work.
I am not sure how to initialise and use that library.
In the express-expose guide the usage doesn't make sense
var express = require('express');
var expose = require('express-expose');
app = expose(app);
app.expose(...);
how can I use app in 'expose(app') before it was initialised ?
I used
const app = expose(express());
app.expose('var some = "variable";','head');
but that doesn't seem to work either.
Can anyone supply me please with an example that initialises the express-expose library and exports var 'some' to the client ?
(By exposing to the client I mean it will be available to all my javascript files as a global variable so that I could do 'console.log(some);' and it would print its value)
node.js express pug
edited Mar 24 at 6:00
molamk
2,7661518
asked Mar 24 at 5:33
YaronYaron
5017
What do you mean by "expose a variable" from a server to the client?
– molamk
Mar 24 at 5:40
Are you using a view engine? i.e. ejs? handlebars? seems like it passes it to the template
– ceckenrode
Mar 24 at 5:40
I mean I would like the variable to be available to javascript. (for example - console.log(some); would print its value.
– Yaron
Mar 24 at 5:48
I am using the 'pug' view engine. It is passed to the view but I want it as a global javascript variable.
– Yaron
Mar 24 at 5:50
You might also want to look up app.local(local variable for the app through it's lifetime) or res.local(local variable through lifetime of a single request) from expressjs expressjs.com/en/4x/api.html#app.locals
– 1556089774
Mar 24 at 11:18
add a comment |
I would like to expose a node.js server variable to the client. I am trying to get express-expose to work.
I am not sure how to initialise and use that library.
In the express-expose guide the usage doesn't make sense
var express = require('express');
var expose = require('express-expose');
app = expose(app);
app.expose(...);
how can I use app in 'expose(app') before it was initialised ?
I used
const app = expose(express());
app.expose('var some = "variable";','head');
but that doesn't seem to work either.
Can anyone supply me please with an example that initialises the express-expose library and exports var 'some' to the client ?
(By exposing to the client I mean it will be available to all my javascript files as a global variable so that I could do 'console.log(some);' and it would print its value)
node.js express pug
edited Mar 24 at 6:00
molamk
2,7661518
asked Mar 24 at 5:33
YaronYaron
5017
I would like to expose a node.js server variable to the client. I am trying to get express-expose to work.
I am not sure how to initialise and use that library.
In the express-expose guide the usage doesn't make sense
var express = require('express');
var expose = require('express-expose');
app = expose(app);
app.expose(...);
how can I use app in 'expose(app') before it was initialised ?
I used
const app = expose(express());
app.expose('var some = "variable";','head');
but that doesn't seem to work either.
Can anyone supply me please with an example that initialises the express-expose library and exports var 'some' to the client ?
(By exposing to the client I mean it will be available to all my javascript files as a global variable so that I could do 'console.log(some);' and it would print its value)
node.js express pug
node.js express pug
edited Mar 24 at 6:00
molamk
2,7661518
asked Mar 24 at 5:33
YaronYaron
5017
edited Mar 24 at 6:00
molamk
2,7661518
asked Mar 24 at 5:33
YaronYaron
5017
edited Mar 24 at 6:00
molamk
2,7661518
edited Mar 24 at 6:00
molamk
2,7661518
edited Mar 24 at 6:00
molamk
2,7661518
2,7661518
asked Mar 24 at 5:33
YaronYaron
5017
asked Mar 24 at 5:33
YaronYaron
5017
asked Mar 24 at 5:33
YaronYaron
5017
5017
What do you mean by "expose a variable" from a server to the client?
– molamk
Mar 24 at 5:40
Are you using a view engine? i.e. ejs? handlebars? seems like it passes it to the template
– ceckenrode
Mar 24 at 5:40
I mean I would like the variable to be available to javascript. (for example - console.log(some); would print its value.
– Yaron
Mar 24 at 5:48
I am using the 'pug' view engine. It is passed to the view but I want it as a global javascript variable.
– Yaron
Mar 24 at 5:50
You might also want to look up app.local(local variable for the app through it's lifetime) or res.local(local variable through lifetime of a single request) from expressjs expressjs.com/en/4x/api.html#app.locals
– 1556089774
Mar 24 at 11:18
add a comment |
What do you mean by "expose a variable" from a server to the client?
– molamk
Mar 24 at 5:40
Are you using a view engine? i.e. ejs? handlebars? seems like it passes it to the template
– ceckenrode
Mar 24 at 5:40
I mean I would like the variable to be available to javascript. (for example - console.log(some); would print its value.
– Yaron
Mar 24 at 5:48
I am using the 'pug' view engine. It is passed to the view but I want it as a global javascript variable.
– Yaron
Mar 24 at 5:50
You might also want to look up app.local(local variable for the app through it's lifetime) or res.local(local variable through lifetime of a single request) from expressjs expressjs.com/en/4x/api.html#app.locals
– 1556089774
Mar 24 at 11:18
What do you mean by "expose a variable" from a server to the client?
– molamk
Mar 24 at 5:40
What do you mean by "expose a variable" from a server to the client?
– molamk
Mar 24 at 5:40
Are you using a view engine? i.e. ejs? handlebars? seems like it passes it to the template
– ceckenrode
Mar 24 at 5:40
Are you using a view engine? i.e. ejs? handlebars? seems like it passes it to the template
– ceckenrode
Mar 24 at 5:40
I mean I would like the variable to be available to javascript. (for example - console.log(some); would print its value.
– Yaron
Mar 24 at 5:48
I mean I would like the variable to be available to javascript. (for example - console.log(some); would print its value.
– Yaron
Mar 24 at 5:48
I am using the 'pug' view engine. It is passed to the view but I want it as a global javascript variable.
– Yaron
Mar 24 at 5:50
I am using the 'pug' view engine. It is passed to the view but I want it as a global javascript variable.
– Yaron
Mar 24 at 5:50
You might also want to look up app.local(local variable for the app through it's lifetime) or res.local(local variable through lifetime of a single request) from expressjs expressjs.com/en/4x/api.html#app.locals
– 1556089774
Mar 24 at 11:18
You might also want to look up app.local(local variable for the app through it's lifetime) or res.local(local variable through lifetime of a single request) from expressjs expressjs.com/en/4x/api.html#app.locals
– 1556089774
Mar 24 at 11:18
add a comment |
3 Answers
3
active
oldest
votes
Using Pug
Since you're using Express with Pug, you can just call the res.render function and give it the variable you want. Here's how to do that.
Let's say you have a template called index.pug, it may look like this:
html
head
title= title
body
h1= message
On your server, the code responsible for the rendering should look like this. In this case we're passing someVariable to the view that needs to be rendered.
const someVariable = 'hello world!';
app.get('/', function (req, res)
res.render('index', title: 'Hey', message: someVariable )
)
A note on express-expose
The express-expose library is not maintained and hasn't been updated in 5 years. My advice would be to just render your variable as described previously or just use AJAX requests.
A note on using a global variable
I am using the 'pug' view engine. It is passed to the view but I want
it as a global javascript variable.
A better idea is to use Template Inheritence to create "generic layouts" and extend them as needed. Sharing a global variable with file you're rendering will not update it magically on the front-end if you're changing it in the back-end. Even if the variable is global.
If you want to reflect "real-time changes" you should look into Socket.io.
answered Mar 24 at 6:20
molamkmolamk
2,7661518
add a comment |
This seems like a code smell... But regardless, there are cleaner ways to do it.
If you want to expose a data object, that is, an object just containing keys and values, you could embed it in the rendered webpage, make it available via some API endpoint that the client can acquire via an AJAX request, or expose a raw Javascript file that can be included via <script> (or I guess script(...) in pug).
If you want to expose a more complex Javascript object, such as a class or an object with function definitions, you could expose the Javascript file and include it via script(...).
However, you should be very careful exposing a file used by the server. If there are any vulnerabilities, they are now public. If there are any hard-coded passwords (which shouldn't be in code anyway), they are now public. Anything in this file is now public, so if you do indeed want to do this, be very careful about what code gets into this now client-side file.
If you need more details on how this could work, please comment :)
Edit: Also be aware that using the embedded and include methods would not allow the variable to be updated on-the-fly. If you need the client to track any changes to the data as it changes on the server, you will want to use AJAX. This is the best method, in my opinion. It offers you the most flexibility.
Another edit: Judging by the issues on the express-expose project, it seems not well supported and maybe has security issues. For now, I would avoid it. Maybe at a later time, it will be helpful and secure.
answered Mar 24 at 5:56
TheBeegeTheBeege
901111
I am trying to get the express-expose library to work, it has other advantages (for example exposing functions that can be shared between server and client). But for now I just want to get the library to work.
– Yaron
Mar 24 at 6:08
That can be done by embedding Javascript in the rendered webpage or exposing a Javascript source file at some endpoint. In the issues, people are saying that this library produces XSS vulnerabilities. I recommend against using it for now.
– TheBeege
Mar 24 at 6:12
add a comment |
If you want to expose a variable value to the client from server , that never changes or updates, you can simply add a hidden input field in your template and add the value of it
In your EJS template file this would look like
<% if (data) %>
<input type="hidden" value="<%= data %>" id="myGlobal"/>
<% %>
you must pass the data value in your res.render('template',data:"hello") function to the template.
You can access this variable value from client using a simple document.getElementById("myGlobal").Again don't pass any sensitive information in hidden fields.
If you want to pass sensitive information , implement an endpoint in your server with authentication and call the endpoint from client via an ajax call .This is also a best approach to update the value of the variable from client side.
answered Mar 24 at 6:16
jenil christojenil christo
367312
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55321014%2fexposing-a-node-js-variable-to-the-client%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
Using Pug
Since you're using Express with Pug, you can just call the res.render function and give it the variable you want. Here's how to do that.
Let's say you have a template called index.pug, it may look like this:
html
head
title= title
body
h1= message
On your server, the code responsible for the rendering should look like this. In this case we're passing someVariable to the view that needs to be rendered.
const someVariable = 'hello world!';
app.get('/', function (req, res)
res.render('index', title: 'Hey', message: someVariable )
)
A note on express-expose
The express-expose library is not maintained and hasn't been updated in 5 years. My advice would be to just render your variable as described previously or just use AJAX requests.
A note on using a global variable
I am using the 'pug' view engine. It is passed to the view but I want
it as a global javascript variable.
A better idea is to use Template Inheritence to create "generic layouts" and extend them as needed. Sharing a global variable with file you're rendering will not update it magically on the front-end if you're changing it in the back-end. Even if the variable is global.
If you want to reflect "real-time changes" you should look into Socket.io.
answered Mar 24 at 6:20
molamkmolamk
2,7661518
add a comment |
Using Pug
Since you're using Express with Pug, you can just call the res.render function and give it the variable you want. Here's how to do that.
Let's say you have a template called index.pug, it may look like this:
html
head
title= title
body
h1= message
On your server, the code responsible for the rendering should look like this. In this case we're passing someVariable to the view that needs to be rendered.
const someVariable = 'hello world!';
app.get('/', function (req, res)
res.render('index', title: 'Hey', message: someVariable )
)
A note on express-expose
The express-expose library is not maintained and hasn't been updated in 5 years. My advice would be to just render your variable as described previously or just use AJAX requests.
A note on using a global variable
I am using the 'pug' view engine. It is passed to the view but I want
it as a global javascript variable.
A better idea is to use Template Inheritence to create "generic layouts" and extend them as needed. Sharing a global variable with file you're rendering will not update it magically on the front-end if you're changing it in the back-end. Even if the variable is global.
If you want to reflect "real-time changes" you should look into Socket.io.
answered Mar 24 at 6:20
molamkmolamk
2,7661518
add a comment |
Using Pug
Since you're using Express with Pug, you can just call the res.render function and give it the variable you want. Here's how to do that.
Let's say you have a template called index.pug, it may look like this:
html
head
title= title
body
h1= message
On your server, the code responsible for the rendering should look like this. In this case we're passing someVariable to the view that needs to be rendered.
const someVariable = 'hello world!';
app.get('/', function (req, res)
res.render('index', title: 'Hey', message: someVariable )
)
A note on express-expose
The express-expose library is not maintained and hasn't been updated in 5 years. My advice would be to just render your variable as described previously or just use AJAX requests.
A note on using a global variable
I am using the 'pug' view engine. It is passed to the view but I want
it as a global javascript variable.
A better idea is to use Template Inheritence to create "generic layouts" and extend them as needed. Sharing a global variable with file you're rendering will not update it magically on the front-end if you're changing it in the back-end. Even if the variable is global.
If you want to reflect "real-time changes" you should look into Socket.io.
answered Mar 24 at 6:20
molamkmolamk
2,7661518
Using Pug
Since you're using Express with Pug, you can just call the res.render function and give it the variable you want. Here's how to do that.
Let's say you have a template called index.pug, it may look like this:
html
head
title= title
body
h1= message
On your server, the code responsible for the rendering should look like this. In this case we're passing someVariable to the view that needs to be rendered.
const someVariable = 'hello world!';
app.get('/', function (req, res)
res.render('index', title: 'Hey', message: someVariable )
)
A note on express-expose
The express-expose library is not maintained and hasn't been updated in 5 years. My advice would be to just render your variable as described previously or just use AJAX requests.
A note on using a global variable
I am using the 'pug' view engine. It is passed to the view but I want
it as a global javascript variable.
A better idea is to use Template Inheritence to create "generic layouts" and extend them as needed. Sharing a global variable with file you're rendering will not update it magically on the front-end if you're changing it in the back-end. Even if the variable is global.
If you want to reflect "real-time changes" you should look into Socket.io.
answered Mar 24 at 6:20
molamkmolamk
2,7661518
edited Mar 24 at 6:25
answered Mar 24 at 6:20
molamkmolamk
2,7661518
answered Mar 24 at 6:20
molamkmolamk
2,7661518
answered Mar 24 at 6:20
molamkmolamk
2,7661518
2,7661518
add a comment |
add a comment |
This seems like a code smell... But regardless, there are cleaner ways to do it.
If you want to expose a data object, that is, an object just containing keys and values, you could embed it in the rendered webpage, make it available via some API endpoint that the client can acquire via an AJAX request, or expose a raw Javascript file that can be included via <script> (or I guess script(...) in pug).
If you want to expose a more complex Javascript object, such as a class or an object with function definitions, you could expose the Javascript file and include it via script(...).
However, you should be very careful exposing a file used by the server. If there are any vulnerabilities, they are now public. If there are any hard-coded passwords (which shouldn't be in code anyway), they are now public. Anything in this file is now public, so if you do indeed want to do this, be very careful about what code gets into this now client-side file.
If you need more details on how this could work, please comment :)
Edit: Also be aware that using the embedded and include methods would not allow the variable to be updated on-the-fly. If you need the client to track any changes to the data as it changes on the server, you will want to use AJAX. This is the best method, in my opinion. It offers you the most flexibility.
Another edit: Judging by the issues on the express-expose project, it seems not well supported and maybe has security issues. For now, I would avoid it. Maybe at a later time, it will be helpful and secure.
answered Mar 24 at 5:56
TheBeegeTheBeege
901111
I am trying to get the express-expose library to work, it has other advantages (for example exposing functions that can be shared between server and client). But for now I just want to get the library to work.
– Yaron
Mar 24 at 6:08
That can be done by embedding Javascript in the rendered webpage or exposing a Javascript source file at some endpoint. In the issues, people are saying that this library produces XSS vulnerabilities. I recommend against using it for now.
– TheBeege
Mar 24 at 6:12
add a comment |
This seems like a code smell... But regardless, there are cleaner ways to do it.
If you want to expose a data object, that is, an object just containing keys and values, you could embed it in the rendered webpage, make it available via some API endpoint that the client can acquire via an AJAX request, or expose a raw Javascript file that can be included via <script> (or I guess script(...) in pug).
If you want to expose a more complex Javascript object, such as a class or an object with function definitions, you could expose the Javascript file and include it via script(...).
However, you should be very careful exposing a file used by the server. If there are any vulnerabilities, they are now public. If there are any hard-coded passwords (which shouldn't be in code anyway), they are now public. Anything in this file is now public, so if you do indeed want to do this, be very careful about what code gets into this now client-side file.
If you need more details on how this could work, please comment :)
Edit: Also be aware that using the embedded and include methods would not allow the variable to be updated on-the-fly. If you need the client to track any changes to the data as it changes on the server, you will want to use AJAX. This is the best method, in my opinion. It offers you the most flexibility.
Another edit: Judging by the issues on the express-expose project, it seems not well supported and maybe has security issues. For now, I would avoid it. Maybe at a later time, it will be helpful and secure.
answered Mar 24 at 5:56
TheBeegeTheBeege
901111
I am trying to get the express-expose library to work, it has other advantages (for example exposing functions that can be shared between server and client). But for now I just want to get the library to work.
– Yaron
Mar 24 at 6:08
That can be done by embedding Javascript in the rendered webpage or exposing a Javascript source file at some endpoint. In the issues, people are saying that this library produces XSS vulnerabilities. I recommend against using it for now.
– TheBeege
Mar 24 at 6:12
add a comment |
This seems like a code smell... But regardless, there are cleaner ways to do it.
If you want to expose a data object, that is, an object just containing keys and values, you could embed it in the rendered webpage, make it available via some API endpoint that the client can acquire via an AJAX request, or expose a raw Javascript file that can be included via <script> (or I guess script(...) in pug).
If you want to expose a more complex Javascript object, such as a class or an object with function definitions, you could expose the Javascript file and include it via script(...).
However, you should be very careful exposing a file used by the server. If there are any vulnerabilities, they are now public. If there are any hard-coded passwords (which shouldn't be in code anyway), they are now public. Anything in this file is now public, so if you do indeed want to do this, be very careful about what code gets into this now client-side file.
If you need more details on how this could work, please comment :)
Edit: Also be aware that using the embedded and include methods would not allow the variable to be updated on-the-fly. If you need the client to track any changes to the data as it changes on the server, you will want to use AJAX. This is the best method, in my opinion. It offers you the most flexibility.
Another edit: Judging by the issues on the express-expose project, it seems not well supported and maybe has security issues. For now, I would avoid it. Maybe at a later time, it will be helpful and secure.
answered Mar 24 at 5:56
TheBeegeTheBeege
901111
This seems like a code smell... But regardless, there are cleaner ways to do it.
If you want to expose a data object, that is, an object just containing keys and values, you could embed it in the rendered webpage, make it available via some API endpoint that the client can acquire via an AJAX request, or expose a raw Javascript file that can be included via <script> (or I guess script(...) in pug).
If you want to expose a more complex Javascript object, such as a class or an object with function definitions, you could expose the Javascript file and include it via script(...).
However, you should be very careful exposing a file used by the server. If there are any vulnerabilities, they are now public. If there are any hard-coded passwords (which shouldn't be in code anyway), they are now public. Anything in this file is now public, so if you do indeed want to do this, be very careful about what code gets into this now client-side file.
If you need more details on how this could work, please comment :)
Edit: Also be aware that using the embedded and include methods would not allow the variable to be updated on-the-fly. If you need the client to track any changes to the data as it changes on the server, you will want to use AJAX. This is the best method, in my opinion. It offers you the most flexibility.
Another edit: Judging by the issues on the express-expose project, it seems not well supported and maybe has security issues. For now, I would avoid it. Maybe at a later time, it will be helpful and secure.
answered Mar 24 at 5:56
TheBeegeTheBeege
901111
edited Mar 24 at 6:10
answered Mar 24 at 5:56
TheBeegeTheBeege
901111
answered Mar 24 at 5:56
TheBeegeTheBeege
901111
answered Mar 24 at 5:56
TheBeegeTheBeege
901111
901111
I am trying to get the express-expose library to work, it has other advantages (for example exposing functions that can be shared between server and client). But for now I just want to get the library to work.
– Yaron
Mar 24 at 6:08
That can be done by embedding Javascript in the rendered webpage or exposing a Javascript source file at some endpoint. In the issues, people are saying that this library produces XSS vulnerabilities. I recommend against using it for now.
– TheBeege
Mar 24 at 6:12
add a comment |
I am trying to get the express-expose library to work, it has other advantages (for example exposing functions that can be shared between server and client). But for now I just want to get the library to work.
– Yaron
Mar 24 at 6:08
That can be done by embedding Javascript in the rendered webpage or exposing a Javascript source file at some endpoint. In the issues, people are saying that this library produces XSS vulnerabilities. I recommend against using it for now.
– TheBeege
Mar 24 at 6:12
I am trying to get the express-expose library to work, it has other advantages (for example exposing functions that can be shared between server and client). But for now I just want to get the library to work.
– Yaron
Mar 24 at 6:08
I am trying to get the express-expose library to work, it has other advantages (for example exposing functions that can be shared between server and client). But for now I just want to get the library to work.
– Yaron
Mar 24 at 6:08
That can be done by embedding Javascript in the rendered webpage or exposing a Javascript source file at some endpoint. In the issues, people are saying that this library produces XSS vulnerabilities. I recommend against using it for now.
– TheBeege
Mar 24 at 6:12
That can be done by embedding Javascript in the rendered webpage or exposing a Javascript source file at some endpoint. In the issues, people are saying that this library produces XSS vulnerabilities. I recommend against using it for now.
– TheBeege
Mar 24 at 6:12
add a comment |
If you want to expose a variable value to the client from server , that never changes or updates, you can simply add a hidden input field in your template and add the value of it
In your EJS template file this would look like
<% if (data) %>
<input type="hidden" value="<%= data %>" id="myGlobal"/>
<% %>
you must pass the data value in your res.render('template',data:"hello") function to the template.
You can access this variable value from client using a simple document.getElementById("myGlobal").Again don't pass any sensitive information in hidden fields.
If you want to pass sensitive information , implement an endpoint in your server with authentication and call the endpoint from client via an ajax call .This is also a best approach to update the value of the variable from client side.
answered Mar 24 at 6:16
jenil christojenil christo
367312
add a comment |
If you want to expose a variable value to the client from server , that never changes or updates, you can simply add a hidden input field in your template and add the value of it
In your EJS template file this would look like
<% if (data) %>
<input type="hidden" value="<%= data %>" id="myGlobal"/>
<% %>
you must pass the data value in your res.render('template',data:"hello") function to the template.
You can access this variable value from client using a simple document.getElementById("myGlobal").Again don't pass any sensitive information in hidden fields.
If you want to pass sensitive information , implement an endpoint in your server with authentication and call the endpoint from client via an ajax call .This is also a best approach to update the value of the variable from client side.
answered Mar 24 at 6:16
jenil christojenil christo
367312
add a comment |
If you want to expose a variable value to the client from server , that never changes or updates, you can simply add a hidden input field in your template and add the value of it
In your EJS template file this would look like
<% if (data) %>
<input type="hidden" value="<%= data %>" id="myGlobal"/>
<% %>
you must pass the data value in your res.render('template',data:"hello") function to the template.
You can access this variable value from client using a simple document.getElementById("myGlobal").Again don't pass any sensitive information in hidden fields.
If you want to pass sensitive information , implement an endpoint in your server with authentication and call the endpoint from client via an ajax call .This is also a best approach to update the value of the variable from client side.
answered Mar 24 at 6:16
jenil christojenil christo
367312
If you want to expose a variable value to the client from server , that never changes or updates, you can simply add a hidden input field in your template and add the value of it
In your EJS template file this would look like
<% if (data) %>
<input type="hidden" value="<%= data %>" id="myGlobal"/>
<% %>
you must pass the data value in your res.render('template',data:"hello") function to the template.
You can access this variable value from client using a simple document.getElementById("myGlobal").Again don't pass any sensitive information in hidden fields.
If you want to pass sensitive information , implement an endpoint in your server with authentication and call the endpoint from client via an ajax call .This is also a best approach to update the value of the variable from client side.
answered Mar 24 at 6:16
jenil christojenil christo
367312
answered Mar 24 at 6:16
jenil christojenil christo
367312
answered Mar 24 at 6:16
jenil christojenil christo
367312
answered Mar 24 at 6:16
jenil christojenil christo
367312
367312
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55321014%2fexposing-a-node-js-variable-to-the-client%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
What do you mean by "expose a variable" from a server to the client?
– molamk
Mar 24 at 5:40
Are you using a view engine? i.e. ejs? handlebars? seems like it passes it to the template
– ceckenrode
Mar 24 at 5:40
I mean I would like the variable to be available to javascript. (for example - console.log(some); would print its value.
– Yaron
Mar 24 at 5:48
I am using the 'pug' view engine. It is passed to the view but I want it as a global javascript variable.
– Yaron
Mar 24 at 5:50
You might also want to look up app.local(local variable for the app through it's lifetime) or res.local(local variable through lifetime of a single request) from expressjs expressjs.com/en/4x/api.html#app.locals
– 1556089774
Mar 24 at 11:18