Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
A simple library for composable DOM elements using tagged template strings.
If you're looking for a higher level front end framework, try yo-yo. Or even higher than that, try choo.
For a more in depth tutorial on getting started, please check out the wiki.
Create an element:
// list.js
var bel = require('bel')
module.exports = function (items) {
return bel`<ul>
${items.map(function (item) {
return bel`<li>${item}</li>`
})}
</ul>`
}
Then pass data to it and add to the DOM:
// app.js
var createList = require('./list.js')
var list = createList([
'grizzly',
'polar',
'brown'
])
document.body.appendChild(list)
// list.js
var bel = require('bel')
// The DOM is built by the data passed in
module.exports = function (items, onselected) {
function render () {
return bel`<ul>
${items.map(function (item) {
return bel`<li>${button(item.id, item.label)}</li>`
})}
</ul>`
}
function button (id, label) {
return bel`<button onclick=${function () {
// Then action gets sent up
onselected(id)
}}>${label}</button>`
}
var element = render()
return element
}
// app.js
var bel = require('bel')
var morphdom = require('morphdom')
var list = require('./list.js')
module.exports = function (bears) {
function onselected (id) {
// When a bear is selected, rerender with the newly selected item
// This will use DOM diffing to render, sending the data back down again
morphdom(element, render(id))
}
function render (selected) {
return bel`<div className="app">
<h1>Selected: ${selected}</h1>
${list(bears, onselected)}
</div>`
}
// On first render, we haven't selected anything
var element = render('none')
return element
}
hyperx
is built into bel
but there may be times when you wish to use your
own version or implementation of hyperx
. Or if you prefer to create elements
using bel
without using tagged template literals:
var createElement = require('bel').createElement
var hyperx = require('hyperx')
var bel = hyperx(createElement)
var element = bel`<div class="heading">Hello!</div>`
// ...
var sameElement = createElement('div', { className: 'heading' }, ['Hello!'])
Transform bel template strings into pure and fast document calls with browserify.
e.g. browserify entry.js -g yo-yoify -o bundle.js
Please use yo-yoify which will transform any Function.caller
into plain strings until an alternative solution to identify element creators is implemented.
yo-yoify can resolve the error like below:
TypeError: Function.caller used to retrieve strict caller
or
TypeError: access to strict mode caller function is censored
bel sets attributes with element.setAttribute()
and element.setAttributeNS()
, and creates text nodes with document.createTextNode()
. These approaches mitigate some Cross-Site Scripting (XSS) attacks. You should still code carefully every time you put content from users in the DOM.
(c) 2016 Kyle Robinson Young. MIT License
FAQs
A simple extension to native elements
The npm package bel receives a total of 904 weekly downloads. As such, bel popularity was classified as not popular.
We found that bel demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.