// view.js
// Pure view functions
/**
* Pure view functions for the application.
*
* Why pure functions returning HTML strings?
* - Keeps rendering logic stateless and easy to test.
* - Ensures the UI is always a direct function of state, avoiding UI bugs from incremental DOM updates.
* - Using template literals is minimal and browser-native, with no dependencies.
*
* Why escape output?
* - Prevents XSS and ensures all user/content data is safely rendered.
*
* Why semantic/accessible HTML?
* - Ensures the app is usable for all users, including those using assistive tech, and is easy to reason about.
*/
/**
* Render the app UI as an HTML string
* @param {object} state
* @returns {string}
*/
export function view(state) {
return `
PokéDex
${state.error ? `${escape(state.error)}
` : ''}
${state.pokemon ? renderResult(state.pokemon) : ''}
`;
}
function renderResult(pokemon) {
return `
${capitalize(pokemon.name)} (#${pokemon.id})
- Type: ${pokemon.types.map(t => capitalize(escape(t.type.name))).join(', ')}
- Height: ${pokemon.height / 10} m
- Weight: ${pokemon.weight / 10} kg
`;
}
function escape(str) {
/**
* Escapes HTML special characters to prevent XSS.
*
* Why escape here? Keeps all rendering safe by default, so no accidental injection is possible.
*/
return String(str).replace(/[&<>"']/g, c => ({'&':'&','<':'<','>':'>','"':'"',"'":'''}[c]));
}
function capitalize(str) {
return str.charAt(0).toUpperCase() + str.slice(1);
}