admin管理员组

文章数量:1288089

Is it a good idea to store HTML in Firebase (AngularFire)?

I have a website where I am creating an admin site where users can make HTML elements. I want people to save these elements and the order and the content within the elements. So I thought it would be much easier to just store the whole HTML as a string and load it in when they return. Bad idea?

Here is what I have (simplification):

$scope.save = function() {
    var refState = new Firebase("https://<name>.firebaseio/users/" + currentAuth.uid + "/state");
    var html = "<div>hello</div>";
    refState.set({
        "state": html
    }, function(error) {
        if (error) {
            console.log("not been saved")
        }
    })
}

And in my HTML I retrieve want to display it like this using Angular, (yeah I know now how to render HTML in Angular thanks to the ments :)

<div class="well col-md-12">
{{sync[3].state}}
</div>

Is it a good idea to store HTML in Firebase (AngularFire)?

I have a website where I am creating an admin site where users can make HTML elements. I want people to save these elements and the order and the content within the elements. So I thought it would be much easier to just store the whole HTML as a string and load it in when they return. Bad idea?

Here is what I have (simplification):

$scope.save = function() {
    var refState = new Firebase("https://<name>.firebaseio./users/" + currentAuth.uid + "/state");
    var html = "<div>hello</div>";
    refState.set({
        "state": html
    }, function(error) {
        if (error) {
            console.log("not been saved")
        }
    })
}

And in my HTML I retrieve want to display it like this using Angular, (yeah I know now how to render HTML in Angular thanks to the ments :)

<div class="well col-md-12">
{{sync[3].state}}
</div>
  • javascript
  • html
  • angularjs
  • firebase
  • angularfire
Share Improve this question edited May 10, 2015 at 1:09 scniro 17k8 gold badges66 silver badges107 bronze badges asked May 9, 2015 at 13:14 MichelangeloMichelangelo 5,9585 gold badges35 silver badges51 bronze badges 7
  • possible duplicate of How to render html with angular templates – Frank van Puffelen Commented May 9, 2015 at 14:39
  • I feel that this might be a case of the XY problem. Perhaps try telling us what you are actually trying to achieve by storing HTML in Firebase? – user2124834 Commented May 9, 2015 at 15:45
  • @FrankvanPuffelen Yeah ok I got it, thanks. But is it bad in terms of safety to store HTML in firebase? – Michelangelo Commented May 9, 2015 at 17:48
  • @Marein No this is bascially what I am trying to do. I want to create an admin site where people can create html elements and store them. These elements differ highly from each other and have dynamic content plus they are not in a set order. So it seemed easier to me to just store the whole html as a string and when they returned I jsut load in the HTML and they can modify/continue from there – Michelangelo Commented May 9, 2015 at 17:54
  • @FrankvanPuffelen Hi Frank you seem from the Firebase team. In the answers someone suggested using Firepad to store HTML. Does this bring the same safety problems mentioned in the other answers, XXS issues for example? – Michelangelo Commented May 10, 2015 at 11:08
 |  Show 2 more ments

3 Answers 3

Reset to default 5

Storing stringified HTML in firebase is no worse than storing it in a different datastore. You'll want to consider XSS issues, including things like what if they define <style>body{display:none}</style> in their html.

Are you creating a real full fleshed content creation system? If so, it's sometimes hard to get away from user defined HTML, usually from CKeditor, tinymce, etc. However, if the items that they're building are all similar, you should consider how you can store/restore them in a better data format. Most of the time there is a better way to save and restore user defined content that storing straight HTML.

I'd suggest checking out Firepad.

  • Firepad is a drop-in "Open source collaborative code and text editing" experience for Firebase apps.
  • "Firepad can use either the CodeMirror editor or the Ace editor to render documents."
  • Easily allows for a rich text-editor experience that seamlessly stores/syncs the content in a Firebase instance.

As the documentation describes, this is how you initialize Firepad:

<div id="firepad"></div>
<script>
  var firepadRef = new Firebase('<FIREBASE URL>');
  var codeMirror = CodeMirror(document.getElementById('firepad'), { lineWrapping: true });
  var firepad = Firepad.fromCodeMirror(firepadRef, codeMirror,
      { richTextShortcuts: true, richTextToolbar: true, defaultText: 'Hello, World!' });
</script>

It's perfectly fine to store HTML in Firebase.

Koding., Nitrous.io, and more use Firepad for their collaborative code editor products.

  1. I think it's very bad idea to store html in firebase, store only pain text
  2. How to render html with angular templates

本文标签: javascriptStoring HTML in Firebase (AngularFire)good idea or badStack Overflow

版权声明:本文标题:javascript - Storing HTML in Firebase (AngularFire), good idea or bad? - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1741335643a2373024.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。