
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
@apideck/file-picker-js
Advanced tools
A vanilla JavaScript library to embed the [Apideck FilePicker](https://www.apideck.com/samples/file-picker) in any web application.
A vanilla JavaScript library to embed the Apideck FilePicker in any web application.
FilePicker JS | FilePicker React
npm install @apideck/file-picker-js
If you don't want to set up a build environment, you can get @apideck/file-picker-js
from a CDN like unpkg.com and it will be globally available through the window.FilePicker
object.
<script src="https://unpkg.com/@apideck/file-picker-js"></script>
Before opening the FilePicker modal with @apideck/file-picker-js
, you need to create a Vault session from your backend using the Vault API or one of our SDKs. Find out more in the docs.
Pass the JWT you got from the Vault session to @apideck/file-picker-js
and provide an onSelect
function that acts upon selection of a file:
import { FilePicker } from '@apideck/file-picker-js';
FilePicker.open({
token: 'REPLACE_WITH_SESSION_TOKEN',
onSelect: file => console.log(file),
});
If you want to get notified when the modal opens and closes, you can provide the onReady
and onClose
options. You could also get notified when the consumer switches from integration by using the onConnectionSelect
option.
import { FilePicker } from '@apideck/file-picker-js';
FilePicker.open({
token: 'REPLACE_WITH_SESSION_TOKEN',
onSelect: file => console.log(file),
onClose: () => {
console.log('closed!');
},
onReady: () => {
console.log('ready!');
},
onConnectionSelect: connection => {
console.log(connection);
},
});
You can also provide a file through the fileToSave
options that will force the FilePicker to go into "Upload" mode. This will allow the user to select the connector and folder that the file needs to get saved to.
import { FilePicker } from '@apideck/file-picker-js';
FilePicker.open({
token: 'REPLACE_WITH_SESSION_TOKEN',
fileToSave: '<add-file-here>',
});
Property | Type | Required | Default | Description |
---|---|---|---|---|
token | string | true | - | The JSON Web Token returned from the Create Session call |
onSelect | event | false | - | The function that gets called when a file is selected |
onConnectionSelect | event | false | - | The function that gets called when a connection is selected |
title | string | false | Apideck File Picker | Title shown in the modal |
subTitle | string | false | Select a file | Subtitle shown in the modal |
showAttribution | boolean | false | true | Show "Powered by Apideck" in the backdrop of the modal backdrop |
open | boolean | false | false | Opens the file picker if set to true |
onClose | event | false | - | Function that gets called when the modal is closed |
fileToSave | file | false | - | Forces "Upload" mode to select the folder to upload the provided file |
FAQs
A vanilla JavaScript library to embed the [Apideck FilePicker](https://www.apideck.com/samples/file-picker) in any web application.
The npm package @apideck/file-picker-js receives a total of 37 weekly downloads. As such, @apideck/file-picker-js popularity was classified as not popular.
We found that @apideck/file-picker-js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.