Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@ckeditor/ckeditor5-widget
Advanced tools
@ckeditor/ckeditor5-widget is a package that provides the base functionality for creating and managing widgets in CKEditor 5. Widgets are special types of content that can be edited and manipulated as a single unit, such as images, tables, or custom blocks.
Creating a Simple Widget
This code demonstrates how to create a simple widget in CKEditor 5. It registers a new model element 'simpleWidget' and sets up the necessary conversions for upcasting, data downcasting, and editing downcasting.
import Widget from '@ckeditor/ckeditor5-widget/src/widget';
import Plugin from '@ckeditor/ckeditor5-core/src/plugin';
class SimpleWidget extends Plugin {
init() {
const editor = this.editor;
editor.model.schema.register('simpleWidget', {
isObject: true,
allowWhere: '$block'
});
editor.conversion.for('upcast').elementToElement({
model: 'simpleWidget',
view: 'div'
});
editor.conversion.for('dataDowncast').elementToElement({
model: 'simpleWidget',
view: 'div'
});
editor.conversion.for('editingDowncast').elementToElement({
model: 'simpleWidget',
view: (modelElement, viewWriter) => {
const div = viewWriter.createContainerElement('div');
return toWidget(div, viewWriter);
}
});
}
}
export default SimpleWidget;
Custom Widget with Editable Content
This code demonstrates how to create a custom widget with editable content. It registers a new model element 'customWidget' and sets up the necessary conversions. The widget contains an inner editable element, allowing users to edit its content directly.
import Widget from '@ckeditor/ckeditor5-widget/src/widget';
import Plugin from '@ckeditor/ckeditor5-core/src/plugin';
import { toWidget, toWidgetEditable } from '@ckeditor/ckeditor5-widget/src/utils';
class CustomWidget extends Plugin {
init() {
const editor = this.editor;
editor.model.schema.register('customWidget', {
isObject: true,
allowWhere: '$block',
allowContentOf: '$root'
});
editor.conversion.for('upcast').elementToElement({
model: 'customWidget',
view: 'div'
});
editor.conversion.for('dataDowncast').elementToElement({
model: 'customWidget',
view: 'div'
});
editor.conversion.for('editingDowncast').elementToElement({
model: 'customWidget',
view: (modelElement, viewWriter) => {
const div = viewWriter.createContainerElement('div');
const innerEditable = viewWriter.createEditableElement('div');
viewWriter.insert(viewWriter.createPositionAt(div, 0), innerEditable);
return toWidget(div, viewWriter, { label: 'custom widget' });
}
});
}
}
export default CustomWidget;
Quill is a modern WYSIWYG editor built for compatibility and extensibility. It provides a rich API for creating custom content and widgets, similar to CKEditor 5's widget system. However, Quill's approach to customization and its API differ significantly from CKEditor 5.
Draft.js is a JavaScript rich text editor framework, built for React. It allows developers to create complex editors with custom content blocks and widgets. While it offers similar functionality to CKEditor 5 widgets, it is tightly integrated with React and has a different architecture.
ProseMirror is a toolkit for building rich text editors with a focus on extensibility and customizability. It provides a robust API for creating custom content and widgets, similar to CKEditor 5. ProseMirror's approach is more low-level, offering greater control but requiring more effort to implement complex features.
This package implements the widget API for CKEditor 5.
See the @ckeditor/ckeditor5-widget
package page in CKEditor 5 documentation.
npm install ckeditor5
Licensed under the terms of GNU General Public License Version 2 or later. For full details about the license, please check the LICENSE.md
file or https://ckeditor.com/legal/ckeditor-oss-license.
FAQs
Widget API for CKEditor 5.
We found that @ckeditor/ckeditor5-widget demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.