3 Comments

  1. Morten Rand-Hendriksen

    This makes sense, and falls in line with the grand vision of Gutenberg being CMS agnostic.

    Report

  2. Jason Bahl

    JS only blocks are not ideal. It’s very common practice to “never trust the client” and the more we market JS only blocks as “the way” to build blocks, the more we’re encouraging bad practices for building applications.

    The server should have the final say on what data should be allowed to be saved to the database, and right now Gutenberg blocks are a wildcard. Pretty much anything that’s not a SQL injection is considered safe to be saved.

    Each block should have a server side registry that goes with it that can allow the server to be aware of what should be allowed to be saved for each block. Client side validation is great, but it only goes so far. Servers exist for a reason, and Gutenberg should respect the role of the WordPress server.

    Before any data is saved for any block, the server should validate that data, and if it passes validation, it should be saved, and if not, it should be rejected.

    JS only blocks encourage potentially very dangerous development practices and in many cases should be avoided.

    Report

    • Clos

      @Jason Bahl. I agree with your assessment. Build in server side editors are much more trust worthy. With JS being having the potential to break fairly easily (which I ran into with the Gutenberg demo site), that using a JS only editor could pose some potential issues.
      I also have some pretty significant issues with theme builders like Divi, Fusion, X, etc. that completely replace the WordPress content editing experience. I know a tremendous amount of work has been added to these theme/site builders, but for me, they are hard to manage, sometimes hard to update, and potentially encourages bad layout practices.
      At that point, are you truely using WordPress or just using it as a proxy instead of building your own CMS.

      Report

Comments are closed.

%d bloggers like this: