You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 7-8.RSVP
Socket
Socket
Sign inDemoInstall

@xmldom/xmldom

Package Overview
Dependencies
13
Maintainers
4
Versions
36
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

@xmldom/xmldom

A pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module.


Version published
Maintainers
4
Created

Package description

What is @xmldom/xmldom?

The @xmldom/xmldom package is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. It allows users to parse XML strings into a DOM tree and serialize DOM objects back into XML strings. This package is useful for server-side and client-side manipulation of XML data.

What are @xmldom/xmldom's main functionalities?

Parsing XML to DOM

This feature allows you to parse a string of XML and create a DOM tree, which can then be manipulated or queried.

const { DOMParser } = require('@xmldom/xmldom');
const xmlString = '<root><child>Hello World</child></root>';
const doc = new DOMParser().parseFromString(xmlString, 'text/xml');
console.log(doc.documentElement.nodeName); // 'root'

Serializing DOM to XML

This feature enables you to take a DOM tree and convert it back into a string of XML, which can be stored or transmitted.

const { XMLSerializer } = require('@xmldom/xmldom');
const doc = new DOMParser().parseFromString('<root></root>', 'text/xml');
doc.documentElement.appendChild(doc.createElement('child'));
const xmlString = new XMLSerializer().serializeToString(doc);
console.log(xmlString); // '<root><child/></root>'

Manipulating DOM

This feature demonstrates how to manipulate the DOM tree by changing the text content of an element.

const { DOMParser } = require('@xmldom/xmldom');
const xmlString = '<root><child>Old Value</child></root>';
const doc = new DOMParser().parseFromString(xmlString, 'text/xml');
doc.getElementsByTagName('child')[0].textContent = 'New Value';
const newXmlString = new XMLSerializer().serializeToString(doc);
console.log(newXmlString); // '<root><child>New Value</child></root>'

Other packages similar to @xmldom/xmldom

Changelog

Source

0.8.10

Fixed

  • dom: prevent iteration over deleted items #514/ #499

Thank you, @qtow, for your contributions

Readme

Source

@xmldom/xmldom

Since version 0.7.0 this package is published to npm as @xmldom/xmldom and no longer as xmldom, because we are no longer able to publish xmldom.
For better readability in the docs we will continue to talk about this library as "xmldom".

license(MIT) npm snyk.io package health bug issues help-wanted issues Mutation report

xmldom is a javascript ponyfill to provide the following APIs that are present in modern browsers to other runtimes:

  • convert an XML string into a DOM tree
    new DOMParser().parseFromString(xml, mimeType) => Document
    
  • create, access and modify a DOM tree
    new DOMImplementation().createDocument(...) => Document
    
  • serialize a DOM tree back into an XML string
    new XMLSerializer().serializeToString(node) => string
    

The target runtimes xmldom supports are currently Node >= v10 (ES5) and Rhino (not tested as part of CI).

When deciding how to fix bugs or implement features, xmldom tries to stay as close as possible to the various related specifications/standards.
As indicated by the version starting with 0., this implementation is not feature complete and some implemented features differ from what the specifications describe.
Issues and PRs for such differences are always welcome, even when they only provide a failing test case.

This project was forked from it's original source in 2019, more details about that transition can be found in the CHANGELOG.

Usage

Install:

npm install @xmldom/xmldom

Example:

In NodeJS

const { DOMParser, XMLSerializer } = require('@xmldom/xmldom')

const source = `<xml xmlns="a">
	<child>test</child>
	<child/>
</xml>`

const doc = new DOMParser().parseFromString(source, 'text/xml')

const serialized = new XMLSerializer().serializeToString(doc)

Note: in Typescript and ES6(see #316) you can use the import approach, as follows:

import { DOMParser } from '@xmldom/xmldom'

API Reference

  • DOMParser:

    parseFromString(xmlsource,mimeType)
    
    • options extension by xmldom (not DOM standard!!)
    //added the options argument
    new DOMParser(options)
    
    //errorHandler is supported
    new DOMParser({
    	/**
    	 * locator is always need for error position info
    	 */
    	locator:{},
    	/**
    	 * you can override the errorHandler for xml parser
    	 * @link http://www.saxproject.org/apidoc/org/xml/sax/ErrorHandler.html
    	 */
    	errorHandler:{warning:function(w){console.warn(w)},error:callback,fatalError:callback}
    	//only callback model
    	//errorHandler:function(level,msg){console.log(level,msg)}
    })
    	
    
  • XMLSerializer

    serializeToString(node)
    

DOM level2 method and attribute:

  • Node

    readonly class properties (aka NodeType),
    these can be accessed from any Node instance node:
    if (node.nodeType === node.ELEMENT_NODE) {...

    1. ELEMENT_NODE (1)
    2. ATTRIBUTE_NODE (2)
    3. TEXT_NODE (3)
    4. CDATA_SECTION_NODE (4)
    5. ENTITY_REFERENCE_NODE (5)
    6. ENTITY_NODE (6)
    7. PROCESSING_INSTRUCTION_NODE (7)
    8. COMMENT_NODE (8)
    9. DOCUMENT_NODE (9)
    10. DOCUMENT_TYPE_NODE (10)
    11. DOCUMENT_FRAGMENT_NODE (11)
    12. NOTATION_NODE (12)

    attribute:

    • nodeValue | prefix

    readonly attribute:

    • nodeName | nodeType | parentNode | childNodes | firstChild | lastChild | previousSibling | nextSibling | attributes | ownerDocument | namespaceURI | localName

    method:

    • insertBefore(newChild, refChild)
    • replaceChild(newChild, oldChild)
    • removeChild(oldChild)
    • appendChild(newChild)
    • hasChildNodes()
    • cloneNode(deep)
    • normalize()
    • isSupported(feature, version)
    • hasAttributes()
  • DOMException

    extends the Error type thrown as part of DOM API.

    readonly class properties:

    • INDEX_SIZE_ERR (1)
    • DOMSTRING_SIZE_ERR (2)
    • HIERARCHY_REQUEST_ERR (3)
    • WRONG_DOCUMENT_ERR (4)
    • INVALID_CHARACTER_ERR (5)
    • NO_DATA_ALLOWED_ERR (6)
    • NO_MODIFICATION_ALLOWED_ERR (7)
    • NOT_FOUND_ERR (8)
    • NOT_SUPPORTED_ERR (9)
    • INUSE_ATTRIBUTE_ERR (10)
    • INVALID_STATE_ERR (11)
    • SYNTAX_ERR (12)
    • INVALID_MODIFICATION_ERR (13)
    • NAMESPACE_ERR (14)
    • INVALID_ACCESS_ERR (15)

    attributes:

    • code with a value matching one of the above constants.
  • DOMImplementation

    method:

    • hasFeature(feature, version)
    • createDocumentType(qualifiedName, publicId, systemId)
    • createDocument(namespaceURI, qualifiedName, doctype)
  • Document : Node

    readonly attribute:

    • doctype | implementation | documentElement

    method:

    • createElement(tagName)
    • createDocumentFragment()
    • createTextNode(data)
    • createComment(data)
    • createCDATASection(data)
    • createProcessingInstruction(target, data)
    • createAttribute(name)
    • createEntityReference(name)
    • getElementsByTagName(tagname)
    • importNode(importedNode, deep)
    • createElementNS(namespaceURI, qualifiedName)
    • createAttributeNS(namespaceURI, qualifiedName)
    • getElementsByTagNameNS(namespaceURI, localName)
    • getElementById(elementId)
  • DocumentFragment : Node

  • Element : Node

    readonly attribute:

    • tagName

    method:

    • getAttribute(name)
    • setAttribute(name, value)
    • removeAttribute(name)
    • getAttributeNode(name)
    • setAttributeNode(newAttr)
    • removeAttributeNode(oldAttr)
    • getElementsByTagName(name)
    • getAttributeNS(namespaceURI, localName)
    • setAttributeNS(namespaceURI, qualifiedName, value)
    • removeAttributeNS(namespaceURI, localName)
    • getAttributeNodeNS(namespaceURI, localName)
    • setAttributeNodeNS(newAttr)
    • getElementsByTagNameNS(namespaceURI, localName)
    • hasAttribute(name)
    • hasAttributeNS(namespaceURI, localName)
  • Attr : Node

    attribute:

    • value

    readonly attribute:

    • name | specified | ownerElement
  • NodeList

    readonly attribute:

    • length

    method:

    • item(index)
  • NamedNodeMap

    readonly attribute:

    • length

    method:

    • getNamedItem(name)
    • setNamedItem(arg)
    • removeNamedItem(name)
    • item(index)
    • getNamedItemNS(namespaceURI, localName)
    • setNamedItemNS(arg)
    • removeNamedItemNS(namespaceURI, localName)
  • CharacterData : Node

    method:

    • substringData(offset, count)
    • appendData(arg)
    • insertData(offset, arg)
    • deleteData(offset, count)
    • replaceData(offset, count, arg)
  • Text : CharacterData

    method:

    • splitText(offset)
  • CDATASection

  • Comment : CharacterData

  • DocumentType

    readonly attribute:

    • name | entities | notations | publicId | systemId | internalSubset
  • Notation : Node

    readonly attribute:

    • publicId | systemId
  • Entity : Node

    readonly attribute:

    • publicId | systemId | notationName
  • EntityReference : Node

  • ProcessingInstruction : Node

    attribute:

    • data readonly attribute:
    • target

DOM level 3 support:

  • Node

    attribute:

    • textContent

    method:

    • isDefaultNamespace(namespaceURI)
    • lookupNamespaceURI(prefix)

DOM extension by xmldom

  • [Node] Source position extension;

    attribute:

    • lineNumber //number starting from 1
    • columnNumber //number starting from 1

Specs

The implementation is based on several specifications:

Overview of related specifications and their relations

DOM Parsing and Serialization

From the W3C DOM Parsing and Serialization (WD 2016) xmldom provides an implementation for the interfaces:

  • DOMParser
  • XMLSerializer

Note that there are some known deviations between this implementation and the W3 specifications.

Note: The latest version of this spec has the status "Editors Draft", since it is under active development. One major change is that the definition of the DOMParser interface has been moved to the HTML spec

DOM

The original author claims that xmldom implements [DOM Level 2] in a "fully compatible" way and some parts of [DOM Level 3], but there are not enough tests to prove this. Both Specifications are now superseded by the [DOM Level 4 aka Living standard] wich has a much broader scope than xmldom.

xmldom implements the following interfaces (most constructors are currently not exposed):

  • Attr
  • CDATASection
  • CharacterData
  • Comment
  • Document
  • DocumentFragment
  • DocumentType
  • DOMException (constructor exposed)
  • DOMImplementation (constructor exposed)
  • Element
  • Entity
  • EntityReference
  • LiveNodeList
  • NamedNodeMap
  • Node (constructor exposed)
  • NodeList
  • Notation
  • ProcessingInstruction
  • Text

more details are available in the (incomplete) API Reference section.

HTML

xmldom does not have any goal of supporting the full spec, but it has some capability to parse, report and serialize things differently when "detecting HTML" (by checking the default namespace). There is an upcoming change to better align the implementation with the latest specs, related to https://github.com/xmldom/xmldom/issues/203.

SAX, XML, XMLNS

xmldom has an own SAX parser implementation to do the actual parsing, which implements some interfaces in alignment with the Java interfaces SAX defines:

  • XMLReader
  • DOMHandler

There is an idea/proposal to make it possible to replace it with something else in https://github.com/xmldom/xmldom/issues/55

Keywords

FAQs

Package last updated on 19 Jul 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc