Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
@xylabs/meta-server
Advanced tools
Readme
Express server for properly rendering HTML metadata on React sites when scraped/shared. Since React requires JS to execute in order to manipulate the DOM, page content and HTML metadata often looks different when viewed in a browser vs when scraped/shared. Likewise, client routes created via the History pushState API are client-side only and will return Not Found when requested to the server. The MetaServer attempts to ensure that shared/scraped links render the HTML just as it would be rendered when viewed in the browser. This is accomplished by intercepting route requests and rendering the HTML in headless Chrome then returning the resultant HTML instead of the typical React-hosting flow of just redirecting to the root of the site.
The package should be installed under dependencies
(not under devDependencies
) as the server will be used for hosting & running the React App.
Using npm:
npm i --save @xylabs/meta-server
Using yarn:
yarn add @xylabs/meta-server
The build output can be hosted/served via the MetaServer by running the included script. Configuration is available via
npm run start-meta
yarn start-meta
You can configure the root directory from which your app is served via the ENV VAR SERVE_DIRECTORY
which defaults to './build'
if not supplied
To allow for containerized deployment the included script docker-build
is provided which creates a production build of the app and outputs a container with the Meta Server which proxies the built app.
xy.config.json
to the root of your build output (see sample below)Sample xy.config.json
{
liveShare: {
exclude: ['/exclude/*'],
include: ['/live-share-route/*'],
},
}
For LiveShare routes, pages are required to provide a meta tag with the property xyo:og:image
with a content attribute that contains the URL of the preferred route for rendering the preview. The URL specified for the preview must be valid and lead to a route where an element with the ID 'preview-container' is present. The MetaServer wil:
xyo:og:image
attributexyo:og:image
attribuepreview-container
og:image
(and associated properties like height/width) to point to the cached snapshotSee the LICENSE file for license details
FAQs
Meta Server - adjusts meta data on index.html for served static site
The npm package @xylabs/meta-server receives a total of 35 weekly downloads. As such, @xylabs/meta-server popularity was classified as not popular.
We found that @xylabs/meta-server demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.