Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@webex/helper-html
Advanced tools
HTML filter for the Cisco Webex JS SDK. See https://webex.github.io/webex-js-sdk/
Note: This package relies on DOM apis and largely returns noops in node environments.
npm install --save @webex/helper-html
filter(allowedTags, allowedStyles, html)
Filters an html string such that it only includes the allowed tags and styles. Disallowed tags and styles are removed while their contents are kept.
allowedTags
is an object keyed on tag name mapped to an array of attribuets allowed for that tag.
allwedStyles
is an array of allowed style string.
html
is a string.
Returns a promise that resolves with the new html string.
filterSync()
See filter()
filterEscape(processCallback, allowedTags, allowedStyles, html)
Filters an html string such that it only includes the allowed tags and styles. Disallowed tags and styles and their children are escaped.
processCallback
synchronous callback that receives the body of the html fragment generated from html
. Presents an opportunity to do preprocessing (e.g turn urls into links) without parsing html mulitple
times
allowedTags
is an object keyed on tag name mapped to an array of attribuets allowed for that tag.
allwedStyles
is an array of allowed style string.
html
is a string.
Returns a promise that resolves with the new html string.
filterEscapeSync()
See filterEscape()
This package is maintained by Cisco Webex for Developers.
Pull requests welcome. Please see CONTRIBUTING.md for more details.
© 2016-2020 Cisco and/or its affiliates. All Rights Reserved.
FAQs
HTML Utiltities
The npm package @webex/helper-html receives a total of 3,125 weekly downloads. As such, @webex/helper-html popularity was classified as popular.
We found that @webex/helper-html demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.