[MarkLogic Dev General] xpath string construction

Justin Makeig Justin.Makeig at marklogic.com
Fri Oct 10 13:26:46 PDT 2008


Exposing delete actions as GET requests is also pretty dangerous. HTTP clients expect GET requests to have no side effects and to be idempotent. (Wayne touches on the idempotency below.) The rule of thumb I use is that if I wouldn’t want anyone to bookmark or reload a URL, it probably shouldn’t be accessible using GET. Google exposed this several years back when (if my memory serves me correctly) they added a pre-caching feature to their browser plugin. This caused some unexpected behavior when it followed all of the delete and update links. 

The HTTP DELETE method or the multi-purpose POST method would probably be better suited for your situation, for example 


DELETE /people.xqy?id=1234




POST /people.xqy?delete=1234


DELETE, of course, is not supported out-of-the-box in HTML forms, but is possible using AJAX.




Justin Makeig
Product Manager
Mark Logic Corporation
999 Skyway Road
Suite 200
San Carlos, CA 94070
+1 650 655 2387 Phone
justin.makeig at marklogic.com
www.marklogic.com <http://www.marklogic.com/> <http://www.marklogic.com/>  
This e-mail and any accompanying attachments are confidential. The information is intended solely for the use of the individual to whom it is addressed. Any review, disclosure, copying, distribution, or use of this e-mail communication by others is strictly prohibited. If you are not the intended recipient, please notify us immediately by returning this message to the sender and delete all copies.  Thank you for your cooperation.




From: general-bounces at developer.marklogic.com [mailto:general-bounces at developer.marklogic.com] On Behalf Of Wayne Feick
Sent: Friday, October 10, 2008 12:52 PM
To: General Mark Logic Developer Discussion
Subject: Re: [MarkLogic Dev General] xpath string construction


Hi Eric,

In 4.0, you can use xdmp:unpath() to do this 


However, in the example you've given I'd recommend changing the approach to use some sort of an id attribute on person (since there are duplicate names) rather than a positional XPath expression. With your current approach, two users could each intend to delete "bob" at index 3 when in fact the second attempt would actually delete "ryan".

As a rule, exposing xpath expressions to a web app is dangerous since there is no guarantee they still refer to the same node from one transaction to the next.


On Fri, 2008-10-10 at 14:43 -0400, Eric Palmitesta wrote: 

Is there a specific reason why one can't construct an xpath out of a string?
For example,
let $media := 'book' (: or 'journal', or 'article' :)
Another use case, I want to display a list of items, and offer a 
'delete' link for each item.
lets say /people.xml contained the following:
     <person name="bob" />
     <person name="jim" />
     <person name="bob" />
     <person name="ryan" />
So I'd display something like:
for $person in doc('/people.xml')/people/person
     <a href="delete.xqy?path={ xdmp:path($person) }>delete</a>
This will give me nice delete links like 
"delete.xqy?path=/people/person[1]", but in the supposed delete.xqy, I'd 
want to do something similar to:
let $file := '/people.xml'
let $person := xdmp:get-request-field('path')
I can't, of course, the doc call will be fine but I can't construct 
xpath with a string.  And the node-delete (and any other 
node-manipulation function) requires actual nodes, not strings.
I end up having to write eval-based utility functions:
define function util:remove-element($uri as xs:string, $xpath as xs:string)
        let $node := concat("doc('", $uri, "')", $xpath)
               xdmp:eval(concat("xdmp:node-delete(", $node, ")"))
Please tell me I'm all wrong and there's a better way.
General mailing list
General at developer.marklogic.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://xqzone.marklogic.com/pipermail/general/attachments/20081010/9a293579/attachment-0001.html

More information about the General mailing list