Htmx 1.0.0 Release | Better HN

Htmx 1.0.0 Release | Better HN

58 comments

tmpfs5y ago

Congratulations on the release, i have been following htmx for a while and whilst have yet to use it, conceptually i think the ideas are solid.

I think the trend towards SPAs and everything is Javascript/JSX has created a situation where people build SPAs then add SSR as an afterthought.

This is anathema to the ideas of document driven web pages and i think htmx could be a good middle ground. Of course for some applications SPAs are the correct choice but I see many people reaching for them as the default rather than creating pages and enhancing when necessary.

I am working on some tooling in this space and hope to see how htmx could fit into progressively enhanced websites.

recursivedoubts5y ago

It isn't perfect yet, but hx-boost is supposed to be the progressive enhancement option in htmx:

https://htmx.org/attributes/hx-boost/

err4nt5y ago

> It's worth mentioning that, if you prefer, you can use the `data-` prefix when using htmx

I don't know why people who make frameworks either prefer invalid HTML, or if they do allow people to write valid HTML they seem to show the invalid code in the docs

You are not allowed to invent any old attributes you want and add them to any element and have it be valid HTML, but you can invent any attribute you want so long as it begins with `data-`.

https://html.spec.whatwg.org/multipage/dom.html#embedding-cu...

recursivedoubts5y ago

Practically, you are allowed to do so.

I understand both sides of the argument, so I set it up so you could choose which one you preferred. I don't see a reason to force my preferences on anyone.

clarkevans5y ago

Not only do browser manufacturers disregard that request, I observe that IETF has gone back on their idea of prefixing application protocols with 'X-`. See RFC 6648: "Deprecating the "X-" Prefix and Similar Constructs in Application Protocols"

https://tools.ietf.org/html/rfc6648

If the HTML standard changes so much as to collide with 'hx-` then application developers using HTMX will likely have bigger compatibility problems to deal with. Besides, regex replacement on your HTML templates isn't hard.

Using data- which is the niche made for this in the standard, seems to be the solution that's more likely to still work 15 years down the line.

tmpfs5y ago

I agree, the `data-` variant should be enforced so that the markup is always valid.

There seems to be a bit of irony citing whatwg in your attempt at shaming here —- the standard that was created to be a living document tracking what web developers and browser creators were implementing in the real world.

I’m not sure there is a good reason to require web authors to type an extra 5 character prefix every time they want to attach data to an element. This is supported by the fact that browsers can figure this out.

err4nt5y ago

Those five letters are the difference between safe code and unsafe code. If you've used data-* you can rest assured your attributes will always be author-defined and not interfere with any future real attributes defined by HTML, whatever those may be.

But if you invent and use invalid attributes, any browser could do something with that, any day, for any reason, and it wouldn't be a bug - you're the one that would have chosen to build on top of undocumented and non-standard behaviour. Does that sound like a reasonable approach to you when the safe and future-proof approach is so clearly marked and cheap and easy to do?

satvikpendem5y ago

But prepending with data can be annoying both from a "quickly reading" perspective, and an aesthetic one. The goal isn't to provide valid HTML necessarily but just allow the library to parse it correctly.

err4nt5y ago

How does writing invalid HTML help toward the goal of correct parsing exactly? To me it would seem to open up an infinite variety of edge cases that simply don't need to exist if you're working with 100% standard code.

Custom attributes are used since many years now and work on every browsers. Maybe the spec should be updated to reflect the usage.

err4nt5y ago

Custom attributes (without data-*) are invalid HTML unless you're using them on a custom HTML element. If you're defining a custom element, you're responsible for defining what its attributes mean - outside of that, no they aren't allowed and yes they are unsafe to use, and restrict the standards bodies from being able to move forward freely without risking breaking the web because of invalid code in the wild.

ezequiel-garzon5y ago

I don't know why people who make frameworks either prefer invalid HTML

I’m guessing people do this to make it less likely to have a name conflict with a custom attribute used by another library.

err4nt5y ago

The HTML spec mentions this:

    JavaScript libraries may use the custom data attributes, as they are considered to be part of the page on which they are used. Authors of libraries that are reused by many authors are encouraged to include their name in the attribute names, to reduce the risk of clashes. Where it makes sense, library authors are also encouraged to make the exact name used in the attribute names customizable, so that libraries whose authors unknowingly picked the same name can be used on the same page, and so that multiple versions of a particular library can be used on the same page even when those versions are not mutually compatible.

This is saying that if you have `data-thing`, then putting your own name in there is better, like `data-mylib-thing` to tell it apart from `data-yourlib-thing`, but the ultimate in flexibility and compatibility is if the end-user of your library can configure this part so they can safely tell `data-yourlib-v3-thing` apart from `data-yourlib-v4-thing` etc.

aecay5y ago

> If you want to stop polling from a server response you can respond with the HTTP response code 286 and the element will cancel the polling.

Oh wow, it gets a lot worse...

recursivedoubts5y ago

I'm the creator of htmx, glad to see this make HN.

Happy to answer questions.

mamcx5y ago

I only wanna to say thanks for this project. I make a ecommerce platform on Rust (not yet public) and it become one of the main reason I could do this as fast as it have. Combining with tailwindcss I think is near the holy grail for backend-first web apps :)

clarkevans5y ago

I'm also grateful for HTMX and the excellent development community that the project owner has grown. Like the parent, I'm also using HTMX + tailwindcss; rather than Rust, I'm using Julia.

recursivedoubts5y ago

fantastic to hear, good luck!

Why is interacting with the examples slow? https://htmx.org/examples/delete-row/

recursivedoubts5y ago

I added a 300ms delay in the ajax mock library that I'm using (sinon):

https://htmx.org/js/demo.js

to better simulate real network latency for things like progress indicators, etc.

Congratulations! I've been using Intercooler for a while now and haven't tried htmx yet, but am looking forward to switching over. I really appreciate that you're continuing to work on tools that make this approach to webdev easier.

I know the post says not to do it, but I'm planning to convert an existing project from Intercooler. Anything specific that I should watch out for while doing it, or recommendations for new capabilities that I could take advantage of as part of the switch?

recursivedoubts5y ago

Shouldn't be too hard unless:

- you got deep into the custom headers

- you used ic-action heavily

- you used the path-dependency mechanism heavily

On a sibling comment I mentioned some new features in htmx:

- no jQuery dependency

- trigger filters: https://htmx.org/attributes/hx-trigger/

- HTML validation integration: https://htmx.org/docs/#validation

- Out of band swaps: https://htmx.org/docs/#oob_swaps

- htmx has a more advanced swapping mechanism (swap and settle, not documented well yet) that makes it easier to use CSS transitions

Happy to help out with the transition if you jump on the discord:

https://htmx.org/discord

heavyset_go5y ago

The code examples look like this[1] on Firefox with Enhanced Tracking Protection enabled. I had to disable ETP for it to render correctly.

[1] https://i.imgur.com/lIiQuE6.png

recursivedoubts5y ago

huh, ETP must be blocking unpkg...

I'll move that into the /js directory instead, thanks for the heads up

cmclaughlin5y ago

I really, really, really enjoyed working with intercooler.js on a previous project... I understand there’s no immediate need to upgrade, but what new features does this provide for new projects?

By the way, thanks!

recursivedoubts5y ago

Some things I can think of:

- no jQuery dependency

- trigger filters: https://htmx.org/attributes/hx-trigger/

- HTML validation integration: https://htmx.org/docs/#validation

- Out of band swaps: https://htmx.org/docs/#oob_swaps

- htmx has a more advanced swapping mechanism (swap and settle, not documented well yet) that makes it easier to use CSS transitions

machinelabo5y ago

Can you please explain how to build a "larger" app with HTMX?

The way I understand htmx, it will replace the tag itself with an ajax response from the server. This is great for submit feedback and flash messages.

What if you want to click a htmx-button and replace something else outside of the tag with htmx?

recursivedoubts5y ago

You can use the hx-target to target other elements in the DOM:

https://htmx.org/attributes/hx-target/

You can also use Out of Band swaps to replace arbitrary DOM content:

https://htmx.org/docs/#oob_swaps

hrjet5y ago

htmx sounds great! I am interested in this from the security angle. If browsers were to natively support htmx (or something similarly declarative), it might reduce the need for Javascript and hence improve security.

recursivedoubts5y ago

It definitely helps improve your security complexity over things like, say, GraphQL, where row-level security is necessary to prevent people from firing off random queries from the browser console.

There are a couple of places in the code where eval()/Function code are fire off which require some security-thinking:

https://htmx.org/attributes/hx-trigger/

hx-trigger evaluate expressions for the event filter. This typically isn't an issue since you would be unlikely to use user input in this context.

https://htmx.org/attributes/hx-vars/

hx-vars evaluate expressions to include in the request. This is a bit more dangerous, because you might try to pass values through with this mechanism. If this includes user input then you should use hx-vals instead:

https://htmx.org/attributes/hx-vals/

Congratulations! What are the next directions for the scripting language?

recursivedoubts5y ago

I know htmx is a good idea, still waiting to see if hyperscript pans out. :)

It still needs some pretty basic stuff like for loops and so forth. The goal is for it to be a embeddable, DOM-friendly & transparently asynchronous scripting language so you don't need to deal w/ callbacks:

  on click 
    add .throb to me
    wait 3s
    remove .throb from me
  end

I'd like to make ajax and web workers trivial to use from it. I hope to have a lot more time for it in the next year, now that htmx is stable. We'll see. Suggestions welcome!

edit: one thing I'm pretty sure about is that I'm going to go back to an interpreted runtime over the transpilation I'm doing now

no_wizard5y ago

This is very similar to Stimulus which i don’t find much difference from. Who’s your target developer?

Reference: https://stimulusjs.org/

recursivedoubts5y ago

:) It's very different than stimulus.

htmx extends HTML as a hypertext, it isn't tied to any particular backend and doesn't have any binding concepts. It's really a complete different concept.

I'd recommend reading the docs:

https://htmx.org/docs/

Epskampie5y ago

I recently tried to use htmx because i like the idea. I made a table where you could click lines to expand them. Now, clicking a line would request the subcontent and insert it, easy-peezy. But now i want you to be able to click the line again to close. Hmm, in htmx this means that i’ll have to return a new parent line from the server as well... guess ill make a special template for that. Repeat this a few times and my backend templates were getting so many special cases that i just switched back to jQuery.

Perhaps i just need to learn more “htmx-like” code patterns, but they didn’t come that naturally to me.

recursivedoubts5y ago

The htmx way to do this would be something like this (assuming a contact model per row):

The summary rows would handle a click to load the detail HTML for the contact, and replace the entire row

  <div hx-get="/contact/42/details" hx-swap="outerHTML" ...>
     ...
  </div>

The detail rows would handle a click to load the summary HTML for the contact, and replace the entire row

  <div hx-get="/contact/42/summary" hx-swap="outerHTML" ...>
     ...
  </div>

So you would flip the row back and forth between summary and detail views. This would involve two templates server side, which seems about right, and would place the logic inside separate and fairly simple server side logic.

Note that here the URLs are encoding the row state, so we are using Hypertext As The Engine of Application State (HATEOAS) without thinking too hard about it.

rasso5y ago

This looks amazing! I never adopted any of the frameworks (vue, react, angular, ...) because I think they should only be used for web apps, but not for classic websites. JS for everything frontend-related in my opinion just has too many downsides for an open web (possibly bad SEO for crawlers that don't support javascript, reliance on the users device for rendering)

Htmx might be the perfect tool to stay with classic server-side rendering and still have the "pop" of SPAs.

bobthebuilders5y ago

Apologies if I missed it, but how would authentication work? I'm trying to figure out where ok the scale from Spring Security to JWT and React it falls on.

recursivedoubts5y ago

Authentication works the normal way: you login via a login screen and that typically would establish a session cookie.

You can also use events to hook in CRSF tokens if you need to do so.

But it tries to use the original security model of the web as much as possible.

ezequiel-garzon5y ago

Has anybody built a site they’d like to share built with htmx? (If so, do share :)

recursivedoubts5y ago

The htmx site uses htmx:

https://htmx.org

All link clicks are ajax'd via the hx-boost attribute:

https://htmx.org/attributes/hx-boost/

SquareWheel5y ago

I like the site. I'm just curious, was it a conscious decision to not minify htmx.js? Seems you could save a fair few bytes that way.

midrus5y ago

I find unpoly so much better and complete than this.

Unpoly just has bad marketing.

recursivedoubts5y ago

That's fine, unpoly is a reasonable approach to building front end code, but it's a very different model.

htmx is focused on improving html qua html. It doesn't have any notion of the server side beyond that which html has: URLs. As such it is attempting to say within the original model of the web: a hypertext architecture with REST/HATEOAS as the bedrock.

It isn't a complete framework in the flavor of unpoly, and so it won't have the expressive power of unpoly in many cases. That's an intentional tradeoff based on the core motivating concept of the library.

Which is fine: different strokes for different folks.

j / k navigate · click thread line to collapse