cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - If community subscription notifications are filling up your inbox you can set up a daily digest and get all your notifications in a single email. X

Expression and the keywords

drichter
15-Moonstone

Expression and the keywords

Hi,

 

the expression widget has a big problem with everything that as the word "alert" in it. I will use an expression for change the color of a panel dependent on an alert. I use the hasAlert-Service to get the alert state for a property. I bind this state to the expression parameter "hasAlert". If I write the expression

Output = hasAlert? "AlertRed" : "OkGreen";

I get the error message "You cannot use the alert function".

 

In the ide.js of the expression widget I saw this:

if (expression.indexOf('alert') >= 0) {
  return TW.IDE.I18NController.translate('tw.expression-ide.warnings.cannot-use-alert');
}

I think there a better ways to prevent of using the javascript alert.

ACCEPTED SOLUTION

Accepted Solutions

Well on your exact expression you can do a simple trick:

Output = hasAlert? "AlertRed" : "OkGreen";

To ( of course you have to rename you expression parameter from hasAlert to hasAl or whatever parameter name without Alert text )

Output = (hasAl? ("Al"+"ertRed") : "OkGreen";

And yes, this javascript check it annoying and totally unusefull, neither it secures anything, should be totally removed.

 

View solution in original post

4 REPLIES 4
AdamR
14-Alexandrite
(To:drichter)

I agree with that assessment.  I believe there are more specific checks that can be done to eliminate improper use of JavaScript key words.  This was, as you noted, the reason behind the check.  For others who may see this the other key word checks are...

eval

alert

for

document

window

parent

this

while

 

I will bring this to the attention of the Thingworx team to see what can be updated to improve these checks.

 

Thank you for the post!

 

Adam

posipova
20-Turquoise
(To:AdamR)

You cannot put an "Alert" directly into the expression, however you may create a parameter of the base type string and use it in the expression. An example would be to have a textarea feeding string values into the Expression widget parameter, and then displaying it. 

Well on your exact expression you can do a simple trick:

Output = hasAlert? "AlertRed" : "OkGreen";

To ( of course you have to rename you expression parameter from hasAlert to hasAl or whatever parameter name without Alert text )

Output = (hasAl? ("Al"+"ertRed") : "OkGreen";

And yes, this javascript check it annoying and totally unusefull, neither it secures anything, should be totally removed.

 

drichter
15-Moonstone
(To:CarlesColl)

This is a nice workarounds. I hope in future I don't need workarounds in twx :D

Announcements


Top Tags