News

Add new post

Making SPARQL fancy with YASQE and YASR

I’ve been working recently on a rewrite of YASGUI (a tool I wrote a year ago) from the ground up. I’ve decided to take a more modular approach, publishing components of YASGUI as separate JS libraries.

The results are:

  • Yet Another Sparql Query Editor (YASQE, http://yasgui.github.io/YASQE/). Key features are:
    • SPARQL syntax highlighting and error checking
    • Extremely customizable: All functions and handlers from CodeMirror library are accessible
    • Persistent values (optional): your query is stored for easier reuse between browser sessions
    • Prefix autocompletion (using prefix.cc)
    • Property and class autocompletion (using Linked Open Vocabularies)
    • Handlers to easily add your own property and class autocompletion
    • Handy keyboard shortcuts
    • Possible to execute the query directly
  • Yet Another Resultset GUI (YASR http://yasgui.github.io/YASR/).
    • Easily customizable and extendible
    • Easily integrates with YASQE
    • Can handle any valid SPARQL resultset format
    • Use of common libraries such as jQuery Datatables and CodeMirror
    • Integration of preflabel.org for fetching URI labels

Enrichting your (often plain-text) SPARQL endpoint now requires only one or two lines of JS to instantiate YASR and/or YASQE. Other possiblities include fancy integration of SPARQL queries in online documentation, or tools such as iPython notebook.

If you have some feedback, let me know.

ps. Both tools are available via npm as well: https://www.npmjs.org/package/yasgui-yasqe and https://www.npmjs.org/package/yasgui-yasr

“What’s the best way to parameterize SPARQL queries?”

http://www.reddit.com/r/semanticweb/comments/1e3fq0/whats_the_best_way_to_parameterize_sparql_queries/

The gist: as a tokenized query protocol, it is not ‘safe’ to build SPARQL queries by concatenating strings which may contain user-supplied input.

In SQL, this is called “SQL Injection”:

It may be tempting to suggest that this is not an issue for read-only SPARQL queries, but resource exhaustion can also be a very real concern; especially with RDF JavaScript Libraries which are used to prepare queries.