Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
cms-module-client
Advanced tools
Readme
An editor for html pages. This is the client side part of the JS CMS module tool. It lets you edit a webpage in a WYSIWYG way. Together with the server side module, it creates nicely integrated content management system for Node JS.
To install this package, simply run:
npm install cms-module-client
Once installed, you need import it into your project and create an instance of the CMS class. Then, you simply have to call the cms.run()
method. This will assign editable tags and render a toolbar containing editing options.
import CMS from "cms-module-client";
const cms = new CMS();
cms.run();
As you probably noticed, the package uses import syntax, which means that you need a javascript bundler of some sort. Webpack is recommended, but other bundlers are also available.
As you would expect, when using a CMS system, security is a very important component. It should not be possibly for ordinary users to access the CMS editor or successfully make a request to the CMS endpoints. It is therefore strongly recommended that you have some kind of login system for administrators when using this module. The authnetication of users is not handled what so ever in the module, this responsibility is completely on you, as the developer of the service or website, to implement.
On the client, a simple way of athentication would be to specify the auth option in the CMS class to be the current session id.
Like so:
import CMS from "cms-module-client";
import { readCookie } from "./util";
const sessId = readCookie("SESSION_ID");
const cms = new CMS({ auth: sessId });
cms.run();
The value specified in the auth option will be sent as an Authorization
header. This can then be used on the server to check the authorization status of the user sending the save request.
FAQs
An editor for html pages. This is the client side part of the JS CMS module tool. It lets you edit a webpage in a WYSIWYG way. Together with the Server side module, it creates nicely integrated content management system for Node JS.
The npm package cms-module-client receives a total of 14 weekly downloads. As such, cms-module-client popularity was classified as not popular.
We found that cms-module-client demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.