Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
browser-sync
Advanced tools
Browser-sync is a powerful tool for web developers that provides live reloading, synchronized browser testing, and other features to streamline the development process. It helps in creating a seamless development experience by automatically refreshing the browser whenever files are changed, and it can also synchronize interactions across multiple devices.
Live Reloading
This feature allows the browser to automatically reload whenever files in the specified directory are changed. The code sample sets up a server to serve files from the 'app' directory and watches for changes in any files within that directory, triggering a reload when changes are detected.
const browserSync = require('browser-sync').create();
browserSync.init({
server: './app'
});
browserSync.watch('app/**/*.*').on('change', browserSync.reload);
Synchronized Browsing
Synchronized browsing ensures that interactions like clicks and scrolls are mirrored across all connected devices. The code sample initializes Browser-sync with ghost mode enabled for clicks and scrolls, allowing these interactions to be synchronized.
const browserSync = require('browser-sync').create();
browserSync.init({
server: './app',
ghostMode: {
clicks: true,
scroll: true
}
});
Proxying an Existing Server
This feature allows Browser-sync to act as a proxy for an existing server, enabling live reloading and synchronized browsing without changing the server configuration. The code sample sets up Browser-sync to proxy requests to 'yourlocal.dev'.
const browserSync = require('browser-sync').create();
browserSync.init({
proxy: 'yourlocal.dev'
});
Live-server is a simple development HTTP server with live reload capability. It is easier to set up compared to Browser-sync but offers fewer features. It is ideal for quick prototyping and small projects.
Webpack-dev-server is a development server that provides live reloading and HMR (Hot Module Replacement) for projects using Webpack. It is more complex to set up but integrates deeply with the Webpack build process, making it suitable for larger projects with complex build requirements.
Gulp-connect is a plugin for Gulp that provides a web server with live reload capability. It is useful for projects that already use Gulp for task automation, offering a seamless way to add live reloading to the development workflow.
Keep multiple browsers & devices in sync when building websites.
Follow @Browsersync on twitter for news & updates.
Please visit browsersync.io for a full run-down of features
Browsersync works by injecting an asynchronous script tag (<script async>...</script>
) right after the <body>
tag
during initial request. In order for this to work properly the <body>
tag must be present. Alternatively you
can provide a custom rule for the snippet using snippetOptions
Providing you haven't accessed any internal properties, everything will just work as there are no breaking changes to the public API. Internally however, we now use an immutable data structure for storing/retrieving options. So whereas before you could access urls like this...
browserSync({server: true}, function(err, bs) {
console.log(bs.options.urls.local);
});
... you now access them in the following way:
browserSync({server: true}, function(err, bs) {
console.log(bs.options.getIn(["urls", "local"]));
});
If you've found Browser-sync useful and would like to contribute to its continued development & support, please feel free to send a donation of any size - it would be greatly appreciated!
Originally supported by JH - they provided financial support as well as access to a professional designer to help with Branding.
Apache 2 Copyright (c) 2021 Shane Osbourne
FAQs
Live CSS Reload & Browser Syncing
The npm package browser-sync receives a total of 818,230 weekly downloads. As such, browser-sync popularity was classified as popular.
We found that browser-sync demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.