Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@khmyznikov/pwa-install
Advanced tools
PWA install dialog provide more convenience user experience and fix lack of native dialogs in some browsers.
New to PWAs? Unsure how to create a Web App? Check out these resources for a quick start: PWA Intro, PWA Starter, PWA Builder
Installation dialog for Progressive Web Application (PWA) and Add to Home Screen/Dock dialog for Web Apps. This offers an enhanced user experience and addresses the absence of native dialogs in certain browsers. 20kB brotli compressed bundle. Translation/localization is supported.
Use it as Web Component with any modern framework. No polyfill is required. React polyfill. Angular sample.
iOS default | Install instruction | App gallery |
---|---|---|
MacOS 14+ (Sonoma) | Install instruction |
---|---|
iPadOS |
---|
Android | App gallery | Light theme |
---|---|---|
Chrome | App Gallery |
---|---|
npm i @khmyznikov/pwa-install
Alternatively, you can use unpkg or esm.sh.
import '@khmyznikov/pwa-install';
<pwa-install></pwa-install>
<pwa-install
manual-apple="true"
manual-chrome="true"
disable-chrome="true"
disable-close="true"
install-description="Custom call to install text"
disable-install-description="true"
disable-screenshots="true"
manifest-url="/manifest.json"
name="PWA"
description="Progressive web application"
icon="/icon.png">
</pwa-install>
<!--
manual-apple/chrome params means you want to show the Dialog manually by showDialog().
disable-chrome param is for completely disabling custom logic and interception for Chominum browsers (will work built-in browser logic).
--->
Make a good manifest file and don't use name/descr/icon params. Boolean attributes needs to be removed to act like "false"
<script type="text/javascript">
var pwaInstall = document.getElementsByTagName('pwa-install')[0];
pwaInstall.addEventListener('pwa-install-success-event', (event) => {console.log(event.detail.message)});
</script>
⚠️ success/fail/choice events is Chromium only, iOS don't have them.
<script type="text/javascript">
var pwaInstall = document.getElementsByTagName('pwa-install')[0];
console.log(pwaInstall.isUnderStandaloneMode);
</script>
<script type="text/javascript">
var pwaInstall = document.getElementsByTagName('pwa-install')[0];
pwaInstall.install();
</script>
getInstalledRelatedApps is Chromium only, always empty on iOS.
If you need to target Chromium browsers but you want to postpone component mounting, you can do it! But, need to capture beforeinstallprompt manually and pass it to the component's externalPromptEvent property(not attribute).
// capture event asap, better right in index.html script tag
window.addEventListener('beforeinstallprompt', (e) => {
e.preventDefault();
e.stopPropagation();
e.stopImmediatePropagation();
// save it somewhere
window.promptEvent = e;
});
// later render the component on demand and pass event
document.getElementById("pwa-install").externalPromptEvent = window.promptEvent;
Translations available:
Language should change automatically based on browser settings. Please create the pull-request if you want to help with translation to your language. It's an easy process.
FAQs
PWA install dialog provide more convenience user experience and fix lack of native dialogs in some browsers.
The npm package @khmyznikov/pwa-install receives a total of 19,814 weekly downloads. As such, @khmyznikov/pwa-install popularity was classified as popular.
We found that @khmyznikov/pwa-install demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.