Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@1stdibs/react-portal
Advanced tools
React component for transportation of modals, lightboxes, loading bars... to document.body
Struggling with modals, lightboxes or loading bars in React? React-portal creates a new top-level React tree and injects its child into it. That's necessary for proper styling (especially positioning).
Try https://miksu.cz/react-portal or
git clone https://github.com/tajo/react-portal
cd react-portal
npm install
npm run build:examples
open examples/index.html
npm install react react-dom react-portal --save
import React from 'react';
import ReactDOM from 'react-dom';
import Portal from 'react-portal';
export default class App extends React.Component {
render() {
const button1 = <button>Open portal with pseudo modal</button>;
return (
<Portal closeOnEsc closeOnOutsideClick openByClickOn={button1}>
<PseudoModal>
<h2>Pseudo Modal</h2>
<p>This react component is appended to the document body.</p>
</PseudoModal>
</Portal>
);
}
}
export class PseudoModal extends React.Component {
render() {
return (
<div>
{this.props.children}
<p><button onClick={this.props.closePortal}>Close this</button></p>
</div>
);
}
}
ReactDOM.render(<App />, document.getElementById('react-body'));
The portal expects one child (<Portal><Child ... /></Portal>
) that will be ported.
If true, the portal is open. If false, the portal is closed. It's up to you to take care of the closing (aka taking care of the state). Don't use this prop if you want to make your life easier. Use openByClickOn instead!
The second way how to open the portal. This element will be rendered by the portal immediately
with onClick
handler that triggers portal opening. How to close the portal then? The portal provides its ported child with a callback this.props.closePortal
. Or you can use built-in portal closing methods (closeOnEsc, ... more below). Notice that you don't have to deal with the open/close state (like when using the isOpened
prop).
If true, the portal can be closed by the key ESC.
If true, the portal can be closed by the outside mouse click.
This callback is called when the portal is opened and rendered (useful for animating the DOMNode).
This callback is called when the closing event is triggered but it prevents normal removal from the DOM. So, you can do some DOMNode animation first and then call removeFromDOM() that removes the portal from DOM.
This callback is called when the portal closes and after beforeClose.
This callback is called when the portal is (re)rendered.
closeOnOutsideClick
doesn't work? There is a simple solution.<LevelTwo />
<Portal>
<LevelOne>
<LevelTwo />
</LevelOne>
</Portal>
also needs an access to this.props.closePortal()
? You can't just use {this.props.children}
in render method of <LevelOne>
component. You have to clone it instead:
{React.cloneElement(
this.props.children,
{closePortal: this.props.closePortal}
)}
Sometimes you need to open your portal (e.g. modal) automatically. There is no button to click on. No problem, because the portal has the isOpen
prop, so you can just set it to true
or false
. However, then it's completely up to you to take care about the portal closing (ESC, outside click, no this.props.closePortal
callback...).
However, there is a nice trick how to make this happen even without isOpen
:
<Portal ref="myPortal">
<Modal title="My modal">
Modal content
</Modal>
</Portal>
this.refs.myPortal.openPortal()
// opens the portal, yay!
Please, create issues and pull requests.
git clone https://github.com/tajo/react-portal
cd react-portal
npm install
npm start
open http://localhost:3000
Don't forget to run this before every commit:
npm test
Inspired by the talk React.js Conf 2015 - Hype!, Ryan Florence
FAQs
React component for transportation of modals, lightboxes, loading bars... to document.body
We found that @1stdibs/react-portal demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.