Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@pixi/text-html
Advanced tools
An alternative to PIXI.Text
that works with both WebGL and Canvas, however, it has some advantages:
<strong>
, or <em>
, as well as <span style="">
Disadvantages:
PIXI.Text
, HTMLText rendering will vary slightly between platforms and browsers. HTMLText uses SVG/DOM to render text and not Context2D's fillText like PIXI.Text
.PIXI.Text
(that is to say, slow and heavy)<foreignObject>
.import { HTMLText } from 'pixi.js';
const text = new HTMLText("Hello World", { fontSize: 20 });
Important: Because the HTMLText object takes a raw HTML string, it's represents a potential vector for XSS, it's strongly encourage you santize input especially if you're accepting user-strings.
Because rendering within a <foreignObject>
element does not have access to fonts available in the current document, therefore, you need to load the fonts explicitly.
const text = new HTMLText("Hello World", { fontFamily: 'Custom' });
await text.style.loadFont('./path/to/custom-regular.ttf', { family: 'Custom' });
Multiple Weights
const text = new HTMLText("Hello <b>World</b>", { fontFamily: 'Custom' });
await Promise.all([
text.style.loadFont('./path/to/custom-regular.ttf', { family: 'Custom' }),
text.style.loadFont('./path/to/custom-bold.ttf', { family: 'Custom', weight: 'bold' });
]);
Not all styles and values are compatible between PIXI.Text, mainly because Text is rendered using a DOM element instead of Context2D's fillText API.
Supported
fill
fontFamily
fontSize
fontWeight
fontStyle
fontVariant
letterSpacing
†align
(also supports justify
value)padding
breakWords
lineHeight
†whiteSpace
(also supports nowrap
, pre-wrap
values)wordWrap
wordWrapWidth
strokeThickness
‡dropShadow
‡dropShadowAngle
dropShadowDistance
dropShadowBlur
‡dropShadowColor
stroke
strokeThickness
† Values may differ slightly from PIXI.Text rendering. ‡ Appearance may differ slightly between different browsers.
Unsupported
fillGradientStops
fillGradientType
lineJoin
miterLimit
textBaseline
trim
leading
FAQs
Multi-Style Text Rendering Plugin for PixiJS
The npm package @pixi/text-html receives a total of 0 weekly downloads. As such, @pixi/text-html popularity was classified as not popular.
We found that @pixi/text-html demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.