5.1.0, Response.ofFragment

Author: pimbrouwers

CHANGELOG.md

@@ -2,11 +2,18 @@
 
 All notable changes to this project will be documented in this file.
 
+## [5.1.0] - 2025-09-09
+
+### Added
+
+- `Response.ofFragment` and `Response.ofFragmentCsrf` to return HTML fragments by element ID, with optional CSRF token support.
+- `Falco.Markup` [version 1.4.0](https://www.nuget.org/packages/Falco.Markup/1.4.0), which reverted API to 1.2.0 and provided correct support for template fragments.
+
 ## [5.0.3] - 2025-09-09
 
 ### Added
 
-- Updated Falco.Markup to 1.3.0, which enables support for HTML fragment responses.
+- `Falco.Markup` [version 1.3.0](https://www.nuget.org/packages/Falco.Markup/1.3.0), which enables support for template fragment responses.
 
 ## [5.0.2] - 2025-06-26
 

src/Falco/Falco.fsproj

@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
     <AssemblyName>Falco</AssemblyName>
-    <Version>5.0.3</Version>
+    <Version>5.1.0</Version>
 
     <!-- General info -->
     <Description>A functional-first toolkit for building brilliant ASP.NET Core applications using F#.</Description>
@@ -39,7 +39,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Falco.Markup" Version="1.3.*" />
+    <PackageReference Include="Falco.Markup" Version="1.4.*" />
     <PackageReference Update="FSharp.Core" Version="6.0.0" />
     <PackageReference Include="Microsoft.SourceLink.GitHub" Version="1.*" PrivateAssets="All" />
   </ItemGroup>

src/Falco/Response.fs

@@ -161,25 +161,34 @@ let ofHtmlString
 /// Returns a "text/html; charset=utf-8" response with provided HTML to client.
 let ofHtml
     (html : XmlNode) : HttpHandler =
-    let render =
-        match html with
-        | NodeList _ -> renderNode
-        | SelfClosingNode _
-        | ParentNode _
-        | TextNode _ -> renderHtml
+    ofHtmlString (renderHtml html)
 
-    ofHtmlString (render html)
+let private withCsrfToken handleToken : HttpHandler = fun ctx ->
+    let csrfToken = Xsrf.getToken ctx
+    handleToken csrfToken ctx
 
 /// Returns a CSRF token-dependant "text/html; charset=utf-8" response with
 /// provided HTML to client.
 let ofHtmlCsrf
     (view : AntiforgeryTokenSet -> XmlNode) : HttpHandler =
-    let withCsrfToken handleToken : HttpHandler = fun ctx ->
-        let csrfToken = Xsrf.getToken ctx
-        handleToken csrfToken ctx
-
     withCsrfToken (fun token -> token |> view |> ofHtml)
 
+/// Returns a "text/html; charset=utf-8" response with provided HTML fragment,
+/// if found, to client. If no element with the provided id is found, an empty
+/// string is returned.
+let ofFragment
+    (id : string)
+    (html : XmlNode) : HttpHandler =
+    ofHtmlString (renderFragment html id)
+
+/// Returns a CSRF token-dependant "text/html; charset=utf-8" response with
+/// provided HTML fragment, if found, to client. If no element with the
+/// provided id is found, an empty string is returned.
+let ofFragmentCsrf
+    (id : string)
+    (view : AntiforgeryTokenSet -> XmlNode) : HttpHandler =
+    withCsrfToken (fun token -> token |> view |> ofFragment id)
+
 /// Returns an optioned "application/json; charset=utf-8" response with the
 /// serialized object provided to the client.
 let ofJsonOptions

src/Falco/Security.fs

@@ -15,13 +15,12 @@ module Xsrf =
             Attr.name token.FormFieldName
             Attr.value token.RequestToken ]
 
-    /// Generates a CSRF token using the Microsoft.AspNetCore.Antiforgery
-    /// package.
+    /// Generates an antiforgery token and stores it in the user's cookies.
     let getToken (ctx : HttpContext) : AntiforgeryTokenSet =
         let antiFrg = ctx.RequestServices.GetRequiredService<IAntiforgery>()
         antiFrg.GetAndStoreTokens ctx
 
-    /// Validates the Antiforgery token within the provided HttpContext.
+    /// Validates the antiforgery token within the provided HttpContext.
     let validateToken (ctx : HttpContext) : Task<bool> =
         let antiFrg = ctx.RequestServices.GetRequiredService<IAntiforgery>()
         antiFrg.IsRequestValidAsync ctx

test/Falco.Tests/ResponseTests.fs

@@ -197,30 +197,6 @@ let ``Response.ofHtml produces text/html result`` () =
         contentType   |> should equal "text/html; charset=utf-8"
     }
 
-[<Fact>]
-let ``Response.ofHtml products text/html for fragment`` () =
-    let ctx = getHttpContextWriteable false
-    let expected = "<div>1</div><div>2</div><div>3</div>"
-
-    let fragment =
-        Elem.createFragment [
-            _div [] [ _text "1" ]
-            _div [] [ _text "2" ]
-            _div [] [ _text "3" ]
-        ]
-
-    task {
-        do! ctx |> Response.ofHtml fragment
-        let! body = getResponseBody ctx
-        let contentLength = ctx.Response.ContentLength
-        let contentType = ctx.Response.Headers.[HeaderNames.ContentType][0]
-
-        body          |> should equal expected
-        contentLength |> should equal (int64 (Encoding.UTF8.GetByteCount(expected)))
-        contentType   |> should equal "text/html; charset=utf-8"
-    }
-
-
 [<Fact>]
 let ``Response.ofHtmlString produces text/html result`` () =
     let ctx = getHttpContextWriteable false
@@ -252,3 +228,26 @@ let ``Response.challengeAndRedirect`` () =
         ctx.Response.Headers.WWWAuthenticate.ToArray() |> should contain AuthScheme
         ctx.Response.Headers.Location.ToArray() |> should contain "/"
     }
+
+[<Fact>]
+let ``Response.ofFragment returns the specified fragment`` () =
+    let ctx = getHttpContextWriteable false
+    let expected = """<div id="fragment1">1</div>"""
+
+    let html =
+        Elem.div [] [
+            _div [ _id_ "fragment1" ] [ _text "1" ]
+            _div [ _id_ "fragment2" ] [ _text "2" ]
+        ]
+
+    task {
+        do! ctx |> Response.ofFragment "fragment1" html
+
+        let! body = getResponseBody ctx
+        let contentLength = ctx.Response.ContentLength
+        let contentType = ctx.Response.Headers.[HeaderNames.ContentType][0]
+
+        body          |> should equal expected
+        contentLength |> should equal (int64 (Encoding.UTF8.GetByteCount(expected)))
+        contentType   |> should equal "text/html; charset=utf-8"
+    }