Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@brightcove/react-player-loader
Advanced tools
The official react component for the Brightcove Player
A React component to load a Brightcove Player in the browser.
This library has the same support characteristics as the Brightcove Player Loader.
No matter how you use this component, the only place it is available is npm.
npm install --save @brightcove/react-player-loader
Most React applications are using JSX and the toolchain provided by create-react-app
.
After installing, import
the module and use the ReactPlayerLoader
component like any other component in your React application:
NOTE:
React
/ReactDOM
are NOT required, they are only used here to show a complete working example!
import React from 'react';
import ReactDOM from 'react-dom';
import ReactPlayerLoader from '@brightcove/react-player-loader';
let reactPlayerLoader;
const onSuccess = function(success) {
// The player object or iframe element (depending on embed type) can be
// accessed in two ways.
//
// From the success object passed to the `onSuccess` callback:
console.log(success.ref);
// As a property of the component instance:
console.log(reactPlayerLoader.player);
};
reactPlayerLoader = ReactDOM.render(
<ReactPlayerLoader accountId='1234678' onSuccess={onSuccess}/>,
document.getElementById('fixture')
);
See Alternate Usage below for less common ways to use this component.
attrs
Type: Object
Provides attributes (props) to the component element.
For example, you may want to customize the className
of the component (by default, "brightcove-react-player-loader"
) by setting props on the component like so:
<ReactPlayerLoader attrs={{className: 'my-custom-class'}} />
baseUrl
Type: string
Used to override the base URL for the Brightcove Player being embedded.
Most users will never need this prop. By default, players are loaded from Brightcove's player CDN (players.brightcove.net
).
manualReloadFromPropChanges
Type: boolean
Used to specify if reloading the player after prop changes will be handled manually. This can be done by calling refToReactPlayerLoader.loadPlayer()
.
See Effects of Prop Changes below for the effects of prop changes.
All props not specified above are passed to the Brightcove Player Loader with a few differences:
onSuccess
and onFailure
callbacks.onFailure
callback, the failure will be handled by throwing an error.refNode
and refNodeInsert
internally, so those props will be ignored.When a prop passed to this component changes, it will have one of two effects:
The following props will update the player's state without a reload:
catalogSearch
catalogSequence
playlistId
playlistVideoId
videoId
All other prop changes, excluding props that are function
's, will cause a complete dispose/reload.
This repository includes a barebones demo/example page.
npm install
npm start
http://localhost:9999
in a browserAfter installation, import
the module in your JavaScript and use the ReactPlayerLoader
component like any other component in your React application:
NOTE:
React
/ReactDOM
are NOT required, they are only used here to show a complete working example!
import React from 'react';
import ReactDOM from 'react-dom';
import ReactPlayerLoader from '@brightcove/react-player-loader';
const reactPlayerLoader = ReactDOM.render(
React.createElement(ReactPlayerLoader, {
accountId: '1234678',
onSuccess(success) {
// two ways to get the underlying player/iframe at this point.
console.log(success.ref)
console.log(reactPlayerLoader.player);
}
}),
document.getElementById('fixture')
);
After installation, require
the module in your JavaScript and use the ReactPlayerLoader
component like any other component in your React application:
NOTE:
React
/ReactDOM
are NOT required, they are only used here to show a complete working example!
var React = require('react');
var ReactDOM = require('react-dom');
var ReactPlayerLoader = require('@brightcove/react-player-loader');
var reactPlayerLoader = ReactDOM.render(
React.createElement(ReactPlayerLoader, {
accountId: '1234678',
onSuccess: function(success) {
// two ways to get the underlying player/iframe at this point.
console.log(success.ref)
console.log(reactPlayerLoader.player);
}
}),
document.getElementById('fixture')
);
<script>
TagThis case is extremely unlikely to be used.
After installation or loading from a CDN, use a script
tag to include the module in your HTML and use the global window.BrightcoveReactPlayerLoader
to construct the component.
<div id="fixture"></div>
<script src="//path/to/react.min.js"></script>
<script src="//path/to/react-dom.min.js"></script>
<script src="//path/to/brightcove-react-player-loader.min.js"></script>
<script>
var React = window.React;
var ReactDOM = window.ReactDOM;
var reactPlayerLoader = ReactDOM.render(
React.createElement(window.BrightcoveReactPlayerLoader, {
accountId: '1234678',
onSuccess: function(success) {
// two ways to get the underlying player/iframe at this point.
console.log(success.ref)
console.log(reactPlayerLoader.player);
}
}),
document.getElementById('fixture')
);
</script>
FAQs
The official react component for the Brightcove Player
The npm package @brightcove/react-player-loader receives a total of 47,246 weekly downloads. As such, @brightcove/react-player-loader popularity was classified as popular.
We found that @brightcove/react-player-loader demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 173 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.