Using Magento, I need to pass values from the database to javascript in json in a custom module. I am avoiding inline javascript due to CSP. I followed http://www.pierrefay.com/magento-create-block-44
I am having trouble with the type attribute for the block in the layout file. When I use page/html my javascript template file displays, but sends a text/html header instead of a text/javascript which I believe is a xss risk.
When I try a custom type, like auction/history, the javascript layout does not load. Instead it shows a blank page with the standard shop design. Below are my files
app/code/local/Mymodule/Auction/etc/config.xml
Here I have a custom product view page in the blocks in addition to the new block I am trying to use for the javascript.
<config>
...
<frontend>
<routers>
<routeurfrontend>
<use>standard</use>
<args>
<module>Mymodule_Auction</module>
<frontName>auction</frontName>
</args>
</routeurfrontend>
</routers>
<layout>
<updates>
<auction>
<file>history.xml</file>
</auction>
</updates>
</layout>
</frontend>
<global>
<blocks>
<Mymodule_Auction>
<class>Mymodule_Auction_Block_Catalog_Product_View</class>
</Mymodule_Auction>
<catalog>
<rewrite>
<product_view>Mymodule_Auction_Block_Catalog_Product_View</product_view>
</rewrite>
</catalog>
<auction>
<class>Mymodule_Auction_Block</class>
</auction>
</blocks>
... (code for models and helpers) ...
</global>
</config>
app/design/frontend/Mymodule/default/layout/history.xml If I change the type="auction/history" to "page/html" it displays but with text/html header instead of text/javascript
<layout version="0.1.0">
<default>
<reference name="content"></reference>
</default>
<auction_index_history>
<reference name="content">
<block type="auction/history" template="auction/history.phtml" />
</reference>
</auction_index_history>
</layout>
app/code/local/Mymodule/Auction/Block/History.php
<?php
class Mymodule_Auction_Block_History extends Mage_Core_Block_Template
{
public function methodblock()
{
return ‘informations about my block !!’ ;
}
}
I think you're mistaking Block and controllers.
A block is only a part of your pages. A controller tells how your page should be rendered in the browser.
About your question on the Block : when you need to create a new template without any related Block method, you should use core/template
. This block is the top one ( html/page
inherits core/template but with added logic that you might not want)
If you need some custom logic (Block methods), create a php Block class that inherits Mage_Core_Block_Template
And about you're header question : if you output only JSON, you should force the output of JSON using a controller and the method :
$this->getResponse()->setHeader('Content-type', 'application/x-json');
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.