PHPackages svengerlach/vanillajs-template - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Templating & Views](/categories/templating) 4. / 5. svengerlach/vanillajs-template ActiveLibrary[Templating & Views](/categories/templating) svengerlach/vanillajs-template ============================== Port of John Resig's micro templating approach to PHP for server-side pre-compilation of simple JavaScript templates 0.0.3(9y ago)115.0k↓50%MITPHPPHP >=5.4.0 Since Aug 19Pushed 9y ago1 watchersCompare [ Source](https://github.com/svengerlach/php-vanillajs-template)[ Packagist](https://packagist.org/packages/svengerlach/vanillajs-template)[ RSS](/packages/svengerlach-vanillajs-template/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (2)Versions (4)Used By (0) PHP VanillaJS Template ====================== [](#php-vanillajs-template) [![Build Status](https://camo.githubusercontent.com/ec7b8b413e1a0c579f37ac39bc3d2cef3bc401c16caf7b58fa1cb03a76343331/68747470733a2f2f7472617669732d63692e6f72672f7376656e6765726c6163682f7068702d76616e696c6c616a732d74656d706c6174652e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/svengerlach/php-vanillajs-template) A small port of [John Resig's JavaScript micro templating approach](http://ejohn.org/blog/javascript-micro-templating/) to PHP for server-side pre-compilation of simple JavaScript templates. Background ---------- [](#background) I've used John Resig's approach a lot in the passed. It's small, easy to use and comes with zero dependencies. I like it! However, this method has one simple drawback: If your application has set the `Content-Security-Policy` HTTP header for `script-src` to e.g. `self`, you will run into problems. Google Chrome rejects the execution of the templating function with the following error message: > Uncaught EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'" **Workarounds?** 1. Allow `unsafe-eval` as `script-src` within the Content-Security-Policy header 2. Implement a workaround that pre-compiles templates to executable JavaScript functions The first is not an option because it forces us to lower the security barriers. I've opted for the second approach. Because most of my projects are PHP applications, I've decided to port John Resig's template conversion to PHP. Installation ------------ [](#installation) Installation is recommended to be done via [composer](https://getcomposer.org/) by running: ``` composer require svengerlach/php-vanillajs-template ``` Usage ----- [](#usage) This library can be used either as a standalone component or as a [twig](http://twig.sensiolabs.org/) extension. ### Standalone [](#standalone) See [examples/standalone.php](examples/standalone.php). ```