In this chapter we are going to look deeper into the htmx toolkit. We’ve accomplished quite a bit with what we’ve learned so far. Still, when you are developing Hypermedia-Driven Applications, there will be times when you need to reach for additional options and techniques.
We will go over the more advanced attributes in htmx, as well as expand on the advanced details of attributes we have already used.
Additionally, we will look at functionality that htmx offers beyond simple HTML attributes: how htmx extends standard HTTP request and responses, how htmx works with (and produces) events, and how to approach situations where there isn’t a simple, single target on the page to be updated.
Finally, we will take a look at practical considerations when doing htmx development: how to debug htmx-based applications effectively, security considerations you will need to take into account when working with htmx, and how to configure the behavior of htmx.
With the features and techniques in this chapter, you will be able to pull off extremely sophisticated user interfaces using only htmx and perhaps a small bit of hypermedia-friendly client-side scripting.
Thus far we have used about fifteen different attributes from htmx in our application. The most important ones have been:
To specify the AJAX request an element should make
To specify the event that triggers a request
To specify how to swap the returned HTML content into the DOM
To specify where in the DOM to swap the returned HTML content
Two of these attributes,
hx-trigger, support a number of useful options for creating more advanced
We’ll start with the hx-swap attribute. This is often not included on elements that issue htmx-driven requests because
its default behavior —
innerHTML, which swaps the inner HTML of the element — tends to cover most use cases.
We earlier saw situations where we wanted to override the default behavior and use
outerHTML, for example. And, in
chapter 2, we discussed some other swap options beyond these two,
In chapter 5, we also looked at the
swap delay modifier for
hx-swap, which allowed us to fade some content out
before it was removed from the DOM.
In addition to these,
hx-swap offers further control with the following modifiers:
swap, this allows you to apply a specific delay between when the content has been swapped into the DOM and when its attributes are “settled”, that is, updated from their old values (if any) to their new values. This can give you fine-grained control over CSS transitions.
Allows you to specify an element that should be shown — that is, scrolled into the viewport of the browser if necessary — when a request is completed.
Allows you to specify a scrollable element (that is, an element with scrollbars), that should be scrolled to the top or bottom when a request is completed.
Allows you to specify that htmx should scroll to the focused element when a request completes. The default for this modifier is “false.”
So, for example, if we had a button that issued a
GET request, and we wished to scroll to the top of the
when the request completed, we would write the following HTML:
More details and examples can be found online in the
hx-trigger can often be omitted when you are using htmx, because the default behavior is typically
what you want. Recall the default triggering events are determined by an element’s type:
selectelements are triggered by the
formelements are triggered on the
Requests on all other elements are triggered by the
There are times, however, when you want a more elaborate trigger specification. A classic example is the active search example we implemented in Contact.app:
This example took advantage of two modifiers available for the
Allows you to specify a delay to wait before a request is issued. If the event occurs again, the first event is discarded and the timer resets. This allows you to “debounce” requests.
Allows you to specify that a request should only be issued when the
valueproperty of the given element has changed.
hx-trigger has several additional modifiers. This makes sense, because events are fairly complex and we want to be
able to take advantage of all the power they offer. We will discuss events in more detail below.
Here are the other modifiers available on
The given event will only trigger a request once.
Allows you to throttle events, only issuing them once every certain interval. This is different than
delayin that the first event will trigger immediately, but any following events will not trigger until the throttle time period has elapsed.
A CSS selector that allows you to pick another element to listen for events on. We will see an example of this used later in the chapter.
A CSS selector that allows you to filter events to only those that occur directly on a given element. In the DOM, events “bubble” to their parent elements, so a
clickevent on a button will also trigger a
clickevent on a parent
div, all the way up to the
bodyelement. Sometimes you want to specify an event directly on a given element, and this attribute allows you to do that.
If this option is set to
true, the triggering event will be cancelled and not propagate to parent elements.
This option allows you to specify how events are queued in htmx. By default, when htmx receives a triggering event, it will issue a request and start an event queue. If the request is still in flight when another event is received, it will queue the event and, when the request finishes, trigger a new request. By default, it only keeps the last event it receives, but you can modify that behavior using this option: for example, you can set it to
noneand ignore all triggering events that occur during a request.
hx-trigger attribute also allows you to specify a filter for events by using square brackets enclosing a
Let’s say you have a complex situation where contacts should only be retrievable in certain situations. You have
contactRetrievalEnabled() that returns a boolean,
true if contacts can be retrieved and
false otherwise. How could you use this function to place a gate on a button that issues a request to
To do this using an event filter in htmx, you would write the following HTML:
The button will not issue a request if
contactRetrievalEnabled() returns false, allowing you to dynamically control
when the request will be made. There are common situations that call for an event trigger, when you only want to issue
a request under specific circumstances:
- if a certain element has focus
- if a given form is valid
- if a set of inputs have specific values
Using event filters, you can use whatever logic you’d like to filter requests by htmx.
In addition to these modifiers,
hx-trigger offers a few “synthetic” events, that is events that are not part of the
regular DOM API. We have already seen
revealed in our lazy loading and infinite scroll examples, but
htmx also gives you an
intersect event that triggers when an element intersects its parent element.
This synthetic event uses the modern Intersection Observer API, which you can read more about at MDN.
Intersection gives you fine-grained control over exactly when a request should be triggered. For example, you can set a threshold and specify that the request be issued only when an element is 50% visible.
hx-trigger attribute certainly is the most complex in htmx. More details and examples can be found in its
Htmx offers many other less commonly used attributes for fine-tuning the behavior of your Hypermedia-Driven Application.
Here are some of the most useful ones:
“Pushes” the request URL (or some other value) into the navigation bar.
Preserves a bit of the DOM between requests; the original content will be kept, regardless of what is returned.
Synchronized requests between two or more elements.
Disables htmx behavior on this element and any children. We will come back to this when we discuss the topic of security.
Let’s take a look at
hx-sync, which allows us to synchronize AJAX requests between two or more elements. Consider
a simple case where we have two buttons that both target the same element on the screen:
This is fine and will work, but what if a user clicks the “Get Contacts” button and then the request takes a while to respond? And, in the meantime the user clicks the “Get Settings” button? In this case we would have two requests in flight at the same time.
/settings request finished first and displayed the user’s setting information, they might be very surprised
if they began making changes and then, suddenly, the
/contacts request finished and replaced the entire body with
the contacts instead!
To deal with this situation, we might consider using an
hx-indicator to alert the user that something is going on, making
it less likely that they click the second button. But if we really want to guarantee that there is only one request
at a time issued between these two buttons, the right thing to do is to use the
hx-sync attribute. Let’s enclose
both buttons in a
div and eliminate the redundant
hx-target specification by hoisting the attribute up to that
div. We can then use
hx-sync on that div to coordinate requests between the two buttons.
Here is our updated code:
By placing the
hx-sync attribute on the
div with the value
this, we are saying “Synchronize all htmx requests that
occur within this
div element with one another.” This means that if one button already has a request in flight, other
buttons within the
div will not issue requests until that has finished.
hx-sync attribute supports a few different strategies that allow you to, for example, replace an existing request
in flight, or queue requests with a particular queuing strategy. You can find complete documentation, as well as
examples, at the htmx.org page for
As you can see, htmx offers a lot of attribute-driven functionality for more advanced Hypermedia-Driven Applications. A complete reference for all htmx attributes can be found on the htmx website.
hx-trigger attribute. This attribute has
proven to be a powerful mechanism for driving our application using a declarative, HTML-friendly syntax.
However, there is much more we can do with events. Events play a crucial role both in the extension of HTML as a hypermedia, and, as we’ll see, in hypermedia-friendly scripting. Events are the “glue” that brings the DOM, HTML, htmx and scripting together. You might think of the DOM as a sophisticated "event bus" for applications.
We can’t emphasize enough: to build advanced Hypermedia-Driven Applications, it is worth the effort to learn about events in depth.
In addition to making it easy to respond to events, htmx also emits many useful events. You can use these events to add more functionality to your application, either via htmx itself, or by way of scripting.
Here are some of the most commonly used events triggered by htmx:
Triggered when new content is loaded into the DOM by htmx.
Triggered before a request is issued, allowing you to programmatically configure the request or cancel it entirely.
Triggered after a request has responded.
A custom event that can be sent to an htmx-powered element to abort an open request.
Using the htmx:configRequest Event
Let’s look at an example of how to work with htmx-emitted events. We’ll use the
htmx:configRequest event to configure
an HTTP request.
Consider the following scenario: your server-side team has decided that they want you to include a server-generated
token for extra security on every request. The token is going to be stored in
localStorage in the browser, in the slot
The server-side team wants you to include this special token on every request made by htmx, as the
How could you achieve this? One way would be to catch the
htmx:configRequest event and update the
object with this token from
In VanillaJS, it would look something like this, placed in a
<script> tag in the
<head> of our HTML document:
As you can see, we add a new value to the
headers property of the event’s detail property. After the event handler
headers property is read by htmx and used to construct the request headers for the AJAX request it makes.
detail property of the
htmx:configRequest event contains a slew of useful properties that you can update to change the
"shape" of the request, including:
Allows you to add or remove request parameters
Allows you to update the target of the request
Allows you to update HTTP "verb" of the request (e.g.
So, for example, if the server-side team decided they wanted the token included as a parameter, rather than as a request header, you could update your code to look like this:
As you can see, this gives you a lot of flexibility in updating the AJAX request that htmx makes.
The full documentation for the
htmx:configRequest event (and other events you might be interested in) can be found
on the htmx website.
Canceling a Request Using htmx:abort
We can listen for any of the many useful events from htmx, and we can respond to those events using
else can we do with events?
It turns out that htmx itself listens for one special event,
htmx:abort. When htmx receives this
event on an element that has a request in flight, it will abort the request.
Consider a situation where we have a potentially long-running request to
/contacts, and we want to offer a way for
the users to cancel the request. What we want is a button that issues the request, driven by htmx, of course, and then
another button that will send an
htmx:abort event to the first one.
Here is what the code might look like:
Thankfully this isn’t too bad to implement in hyperscript, so let’s take a look at what that would look like:
Now we have a “Cancel” button that is enabled only when a request from the
contacts-btn button is in flight. And
we are taking advantage of htmx-generated and handled events, as well as the event-friendly syntax of hyperscript, to
make it happen. Slick!
Server Generated Events
We are going to talk more about the various ways that htmx enhances regular HTTP requests and responses in the next section,
but, since it involves events, we are going to discuss one HTTP Response header that htmx supports:
have discussed before how HTTP requests and responses support headers, name-value pairs that contain metadata about
a given request or response. We took advantage of the
HX-Trigger request header, which includes the id of the element
that triggered a given request.
In addition to this request header, htmx also supports a response header also named
HX-Trigger. This response header
allows you to trigger an event on the element that submitted an AJAX request. This turns out to be a powerful way
to coordinate elements in the DOM in a decoupled manner.
To see how this might work, let’s consider the following situation: we have a button that grabs new contacts from some
remote system on the server. We will ignore the details of the server-side implementation, but we know that if we issue
POST to the
/sync path, it will trigger a synchronization with the system.
Now, this synchronization may or may not result in new contacts being created. In the case where new contacts are created, we want to refresh our contacts table. In the case where no contacts are created, we don’t want to refresh the table.
To implement this we could conditionally add an
HX-Trigger response header with the value
This value would trigger the
contacts-updated event on the button that
made the AJAX request to
/sync. We can then take advantage of the
from: modifier of the
attribute to listen for that event. With this pattern we can effectively trigger htmx requests from the server side.
Here is what the client-side code might look like:
The table listens for the
contacts-updated event, and it does so on the
body element. It listens on the
element since the event will bubble up from the button, and this allows us to not couple the button and table together:
we can move the button and table around as we like and, via events, the behavior we want will continue to work fine.
Additionally, we may want other elements or requests to trigger the
contacts-updated event, so this provides a
general mechanism for refreshing the contacts table in our application.
HTTP Requests & Responses
We have just seen an advanced feature of HTTP responses supported by htmx, the
HX-Trigger response header,
but htmx supports quite a few more headers for both requests and responses. In chapter 4 we discussed the
headers present in HTTP Requests. Here are some of the more important headers you can use to change htmx behavior with
Causes a client-side redirection to a new location
Pushes a new URL into the location bar
Refreshes the current page
Allows you to specify a new target to swap the response content into on the client side
You can find a reference for all requests and response headers in the htmx documentation.
HTTP Response Codes
Even more important than response headers, in terms of information conveyed to the client, is the HTTP Response Code. We discussed HTTP Response Codes in Chapter 3. By and large htmx handles various response codes in the manner that you would expect: it swaps content for all 200-level response codes and does nothing for others. There are, however, two “special” 200-level response codes:
204 No Content- When htmx receives this response code, it will not swap any content into the DOM (even if the response has a body)
286- When htmx receives this response code to a request that is polling, it will stop the polling
You can override the behavior of htmx with respect to response codes by, you guessed it, responding to an event! The
htmx:beforeSwap event allows you to change the behavior of htmx with respect to various status codes.
Let’s say that, rather than doing nothing when a
404 occurred, you wanted to alert the user that an error had occurred.
showNotFoundError(). Let’s add some code to use the
event to make this happen:
You can also use the
htmx:beforeSwap event to configure if the response should be swapped into the DOM and what element
the response should target. This gives you quite a bit of flexibility in choosing how you want to use HTTP Response
codes in your application. Full documentation on the
htmx:beforeSwap event can be found at htmx.org.
Updating Other Content
Above we saw how to use a server-triggered event, via the
HX-Trigger HTTP response header, to update a piece of the
DOM based on the response to another part of the DOM. This technique addresses the general problem that comes up
in Hypermedia-Driven Applications: “How do I update other content?” After all, in normal HTTP requests, there is only
one “target”, the entire screen, and, similarly, in htmx-based requests, there is only one target: either the explicit
or implicit target of the element.
If you want to update other content in htmx, you have a few options:
Expanding Your Selection
The first option, and the simplest, is to “expand the target.” That is, rather than simply replacing a small part of the screen, expand the target of your htmx-driven request until it is large enough to enclose all the elements that need to be updated on a screen. This has the tremendous advantage of being simple and reliable. The downside is that it may not provide the user experience that you want, and it may not play well with a particular server-side template layout. Regardless, we always recommend at least thinking about this approach first.
Out of Band Swaps
A second option, a bit more complex, is to take advantage of “Out Of Band” content support in htmx. When
htmx receives a response, it will inspect it for top-level content that includes the
hx-swap-oob attribute. That content will be removed from the response, so it will not be swapped into the DOM in the normal manner. Instead,
it will be swapped in for the content that it matches by id.
Let’s look at an example. Consider the situation we had earlier, where a contacts table needs to be updated if an integration pulls down any new contacts. Previously we solved this by using events and
a server-triggered event via the
HX-Trigger response header.
This time, we’ll use the
hx-swap-oob attribute in the response to the
/integrations/1. The new contacts table content will “piggyback” on the response.
Next, the response to the
/integrations/1 will include the
content that needs to be swapped into the button, per the usual htmx mechanism. But it will also include a new,
updated version of the contacts table, which will be marked as
hx-swap-oob="true". This content will be removed from
the response so that it is not inserted into the button. Instead, it is swapped into the DOM in place of the existing
table since it has a matching id.
Using this piggybacking technique, you can update content wherever needed on a page.
hx-swap-oob attribute supports other additional features, all of which are documented.
Depending on how exactly your server-side templating technology works, and what level of interactivity your application requires, out of band swapping can be a powerful mechanism for content updates.
Finally, the most complex mechanism for updating content is the one we saw back in the events section: using server-triggered events to update elements. This approach can be very clean, but also requires a deeper conceptual knowledge of HTML and events, and a commitment to the event-driven approach. While we like this style of development, it isn’t for everyone. We typically recommend this pattern only if the htmx philosophy of event-driven hypermedia really speaks to you.
If it does speak to you, however, we say: go for it. We’ve created some very complex and flexible user interfaces using this approach, and we are quite fond of it.
All of these approaches to the “Updating Other Content” problem will work, and will often work well. However, there may come a point where it would just be simpler to use a different approach for your UI, like the reactive one. As much as we like the hypermedia approach, the reality is that there are some UX patterns that simply cannot be implemented easily using it. The canonical example of this sort of pattern, which we have mentioned before, is something like a live online spreadsheet: it is simply too complex a user interface, with too many interdependencies, to be done well via exchanges of hypermedia with a server.
In cases like this, and any time you feel like an htmx-based solution is proving to be more complex than another approach might be, we recommend that you consider a different technology. Be pragmatic, and use the right tool for the job. You can always use htmx for the parts of your application that aren’t as complex and don’t need the full complexity of a reactive framework, and save that complexity budget for the parts that do.
We encourage you to learn many different web technologies, with an eye to the strengths and weaknesses of each one. This will give you a deep tool chest to reach into when problems present themselves. Our experience is that, with htmx, hypermedia is a tool you can reach for frequently.
We are not ashamed to admit: we are big fans of events. They are the underlying technology of almost any interesting user interface, and are particularly useful in the DOM once they have been unlocked for general use in HTML. They let you build nicely decoupled software while often preserving the locality of behavior we like so much.
However, events are not perfect. One area where events can be particularly tricky to deal with is debugging: you often want to know why an event isn’t happening. But where can you set a break point for something that isn’t happening? The answer, as of right now, is: you can’t.
There are two techniques that can help in this regard, one provided by htmx, the other provided by Chrome, the browser by Google.
Logging Htmx Events
The first technique, provided by htmx itself, is to call the
htmx.logAll() method. When you do this, htmx will log
all the internal events that occur as it goes about its business, loading up content, responding to events and so forth.
This can be overwhelming, but with judicious filtering can help you zero in on a problem. Here are what (a bit of) the logs
look like when clicking on the “docs” link on https://htmx.org, with
Not exactly easy on the eyes, is it?
But, if you take a deep breath and squint, you can see that it isn’t
that bad: a series of htmx events, some of which we have seen before (there’s
htmx:configRequest!), get logged
to the console, along with the element they are triggered on.
After a bit of reading and filtering, you will be able to make sense of the event stream, and it can help you debug htmx-related issues.
Monitoring Events in Chrome
The preceding technique is useful if the problem is occurring somewhere within htmx, but what if htmx is never getting triggered at all? This comes up some times, like when, for example, you have accidentally typed an event name incorrectly somewhere.
In cases like this you will need recourse to a tool available in the browser itself. Fortunately, the Chrome browser
by Google provides a very useful function,
monitorEvents(), that allows you to monitor all events that are triggered
on an element.
This feature is available only in the console, so you can’t use it in code on your page. But, if you are working with htmx in Chrome, and are curious why an event isn’t triggering on an element, you can open the developers console and type the following:
This will then print all the events that are triggered on the element with the id
some-element to the console. This
can be very useful for understanding exactly which events you want to respond to with htmx, or troubleshooting why an
expected event isn’t occurring.
Using these two techniques will help you as you (infrequently, we hope) troubleshoot event-related issues when developing with htmx.
However, even with hypermedia, there are still situations that require care when doing development. Of particular concern are situations where user-generated content is shown to other users: a clever user might try to insert htmx code that tricks the other users into clicking on content that triggers actions they don’t want to take.
In general, all user-generated content should be escaped on the server-side, and most server-side rendering frameworks provide functionality for handling this situation. But there is always a risk that something slips through the cracks.
In order to help you sleep better at night, htmx provides the
hx-disable attribute. When this attribute is placed
on an element, all htmx attributes within that element will be ignored.
Content Security Policies & Htmx
A Content Security Policy (CSP) is a browser technology that allows you to detect and prevent certain types of content injection-based attacks. A full discussion of CSPs is beyond the scope of this book, but we refer you to the Mozilla Developer Network article on the topic for more information.
A common feature to disable using a CSP is the
the risk to keep it enabled in their web applications.
Htmx does not make heavy use of
eval() and, thus, a CSP with this restriction in place will be fine. The one
feature that does rely on
eval() is event filters, discussed above. If you decide to disable
eval() for your
web application, you will not be able to use the event filtering syntax.
There are a large number of configuration options available for htmx. Some examples of things you can configure are:
- The default swap style
- The default swap delay
- The default timeout of AJAX requests
A full list of configuration options can be found in the config section of the main htmx documentation.
Htmx is typically configured via a
meta tag, found in the header of a page. The name of the meta tag should be
htmx-config, and the content attribute should contain the configuration overrides, formatted as JSON. Here is
In this case, we are overriding the default swap style from the usual
outerHTML. This might be useful
if you find yourself using
outerHTML more frequently than
innerHTML and want to avoid having to explicitly set that
swap value throughout your application.