Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@legiblemedia/epubjs
Advanced tools
Epub.js is a JavaScript library for rendering ePub documents in the browser, across many devices.
Epub.js provides an interface for common ebook functions (such as rendering, persistence and pagination) without the need to develop a dedicated application or plugin. Importantly, it has an incredibly permissive Free BSD license.
Try it while reading Moby Dick
The EPUB standard is a widely used and easily convertible format. Many books are currently in this format, and it is convertible to many other formats (such as PDF, Mobi and iBooks).
An unzipped EPUB3 is a collection of HTML5 files, CSS, images and other media – just like any other website. However, it enforces a schema of book components, which allows us to render a book and its parts based on a controlled vocabulary.
More specifically, the EPUB schema standardizes the table of contents, provides a manifest that enables the caching of the entire book, and separates the storage of the content from how it’s displayed.
Get the minified code from the build folder:
<script src="../dist/epub.min.js"></script>
If using archived .epub
files include JSZip:
<script src="https://cdnjs.cloudflare.com/ajax/libs/jszip/3.1.5/jszip.min.js"></script>
Set up a element to render to:
<div id="area"></div>
Create the new ePub, and then render it to that element:
<script>
var book = ePub("url/to/book/package.opf");
var rendition = book.renderTo("area", {width: 600, height: 400});
var displayed = rendition.display();
</script>
book.renderTo("area", { method: "default", width: "100%", height: "100%" });
The default manager only displays a single section at a time.
book.renderTo("area", { method: "continuous", width: "100%", height: "100%" });
The continuous manager will display as many sections as need to fill the screen, and preload the next section offscreen. This enables seamless swiping / scrolling between pages on mobile and desktop, but is less performant than the default method.
book.renderTo("area", { flow: "auto", width: "900", height: "600" });
Flow will be based on the settings in the OPF, defaults to paginated
.
book.renderTo("area", { flow: "paginated", width: "900", height: "600" });
Scrolled: book.renderTo("area", { flow: "scrolled-doc" });
API documentation is available at epubjs.org/documentation/0.3/
A Markdown version is included in the repo at documentation/API.md
install node.js
Then install the project dependences with npm
npm install
You can run the reader locally with the command
npm start
Test can be run by Karma from NPM
npm test
Builds are concatenated and minified using webpack and babel
To generate a new build run
npm run prepare
or to continuously build run
npm run watch
Similar to a plugins, Epub.js implements events that can be "hooked" into. Thus you can interact with and manipulate the contents of the book.
Examples of this functionality is loading videos from YouTube links before displaying a chapter's contents or implementing annotation.
Hooks require an event to register to and a can return a promise to block until they are finished.
Example hook:
rendition.hooks.content.register(function(contents, view) {
var elements = contents.document.querySelectorAll('[video]');
var items = Array.prototype.slice.call(elements);
items.forEach(function(item){
// do something with the video item
});
})
The parts of the rendering process that can be hooked into are below.
book.spine.hooks.serialize // Section is being converted to text
book.spine.hooks.content // Section has been loaded and parsed
rendition.hooks.render // Section is rendered to the screen
rendition.hooks.content // Section contents have been loaded
rendition.hooks.unloaded // Section contents are being unloaded
The reader has moved to its own repo at: https://github.com/futurepress/epubjs-reader/
Epub.js Developer Mailing List
IRC Server: freenode.net Channel: #epub.js
Follow us on twitter: @Epubjs
EPUB is a registered trademark of the IDPF.
FAQs
Parse and Render Epubs
We found that @legiblemedia/epubjs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.