Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
arale-upload
Advanced tools
iframe and html5 uploader.
⇪
查看演示,你需要 clone 一份代码:
$ git clone git://github.com/aralejs/upload
$ cd upload
$ npm install
$ spm install
$ node server.js
然后访问:http://localhost:8000/demo.html
var uploader = new Uploader({
trigger: '#upload-icon',
name: 'image',
action: '/upload',
accept: 'image/*',
data: {'xsrf': 'hash'},
multiple: true,
error: function(file) {
alert(file);
},
success: function(response) {
alert(response);
},
progress: function(event, position, total, percent, files) {
console.log(percent);
}
});
element|selector
trigger 唤出文件选择器,可以是:
- 选择器
- element
- jQuery Object
string
name 即为 <input name="{{name}}">
的值,即上传文件时对应的 name。
url
action 为 <form action="{{action}}">
的值,表单提交的地址。
string
支持的文件类型,比如 image/\*
为只上传图片类的文件。可选项。
boolean
是否支持多文件上传。默认为 false。
object
随表单一起要提交的数据。
function
上传失败的回调函数。
function
上传成功的回调函数。
function
上传的进度回调,不支持 IE9-。回调的参数分别为 ajaxEvent, 当前上传字节,总字节,进度百分比和当前文件列表。
链式调用:
var uploader = new Uploader({
trigger: '#upload-icon',
name: 'image',
action: '/upload',
data: {'xsrf': 'hash'}
}).success(function(response) {
alert(response);
}).error(function(file) {
alert(file);
});
<a id="upload" data-name="image" data-action="/upload" data-data="a=a&b=b">Upload</a>
<script>
var uploader = new Uploader({'trigger': '#upload'});
// more friendly way
// var uploader = new Uploader('#upload');
uploader.success(function(response) {
alert(response);
});
</script>
Demo in API section could not be controlled. When you select a file, it will
be submitted immediately. We can broke the chain with change
:
var uploader = new Uploader({
trigger: '#upload-icon',
name: 'image',
action: '/upload',
data: {'xsrf': 'hash'}
}).change(function(files) {
for (var i=0; i<files.length; i++) {
console.log('you are selecting ' + files[i].name + ' Size: ' + files[i].size);
}
// Default behavior of change is
// this.submit();
}).success(function(response) {
alert(response);
});
Now you should handle it yourself:
$('#submit').click(function() {
uploader.submit();
});
It is impossible to show progress, but you can make a fake prgress.
var uploader = new Uploader({
trigger: '#upload-icon',
name: 'image',
action: '/upload',
data: {'xsrf': 'hash'},
progress: function(e, position, total, percent, files) {
$('#progress').text('Uploading ... ' + percent + '%');
}
}).change(function(files) {
// before submit
$('#progress').text('Uploading ...');
this.submit();
}).success(function(response) {
$('#progress').text('Success');
alert(response);
});
Load uploader with seajs:
seajs.use('upload', function(Uploader) {
var uploader = new Uploader({
});
});
2013-12-10 1.1.0
2013-07-18 1.0.1
2013-06-25 1.0.0
Combine iframe and html5 uploader.
FAQs
html5 uploader and iframe uploader.
We found that arale-upload demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.