Example: <button ic-post-to="/api/resource" ic-template="#a-handlebars-template" />
$('[ic-post-to]').click((button) => {
fetch($(button).attr('ic-post-to')), { method: 'post' })
.then((result) => {
let templateText = $($(button).attr("ic-template")).html();
let template = Handlebars.compile(templateText);
let resultHtml = template(result);
$(button).replaceWith(resultHtml);
});
});
In the second article you explained that HTML could implement HATEOS.
In the third article you argue that GraphQL is the natural progression of REST but its security model is complex to the point of being unsafe.
---
The first article, in my opinion, consisted of straw men arguments.
The second is understandable.
The third made no sense to me. With a system like GraphQL you can use a declarative column-based security model. This is, in my opinion, easier than the imperative stuff you're probably using to make your HTML endpoints secure. With GraphQL you need to set up your security constraints once. With HTML endpoints you need to remember to toggle off certain blocks of HTML for every single request. Is that what you're doing?