Security News
PEP 810 Proposes Explicit Lazy Imports for Python 3.15
An opt-in lazy import keyword aims to speed up Python startups, especially CLIs, without the ecosystem-wide risks that sank PEP 690.
By Sarah Gooding - Oct 04, 2025
Introducing Socket Firewall: Free, Proactive Protection for Your Software Supply Chain.Learn More →
common-xml-features
Advanced tools
Introduction
When working on Electron, you may have the same code executed in the renderer process and in the master/node process.
It could be an issue if you have to manage XML :
- Which XML libraries to use in a node process ?
- How code could be the same in both contexts (renderer, node) ?
- Impact of the XML libraries in the size of the browserify'ied files ?
Many browser supports natively XML features like DOMParser, XMLSerializer,... it would be a shame to not use Chrome's implementations when hosted in a renderer process.
Purposes
Purposes of this package are :
- whatever the context, provide a common API for accessing XM features
- when loaded in a node context
- uses a fork of xmldom and use a fork of xpath packages
- fix XMLSerializer issue of xmldom ('>' is not escaped !)
- generates a standard document when xmldom meets an issue (MDN DOMParser)
- enhances xmldom Document interface with XPath functions : evaluate, createExpression, createNSResolver
- when loaded in a renderer context
- fallbacks to native implementation and prevent xmldom and xmlpath to be inlined by browserify
Samples
import * as XMLFeatures from 'common-xml-features';
let xmlDoc = new XMLFeatures.DOMParser().parseFromString(result, 'text/xml');
if (XMLFeatures.getParserError(xmlDoc)) {
// we are in trouble !
}
let entityResult = xmlDoc.evaluate('//html//body//iframe//@src', null, null, XMLFeatures.XPathResult.FIRST_ORDERED_NODE_TYPE, null);
assert(entityResult.nodeType === XMLFeatures.Node.ELEMENT_NODE)
...
let xmlDoc = new XMLFeatures.domImplementation.createDocument(null, null, null);
...
let xmlSerializer = new XMLFeatures.XMLSerializer();
let transferData = xmlSerializer.serializeToString(xmlDoc);
API
You have to use proxy to be redirected to the right class factory according to the context :
- (common-xml-features).DOMImplementation
- (common-xml-features).DOMParser
- (common-xml-features).XMLSerializer Other objects like Node, Element, Document are pure interfaces and are created through methods of classes above.
Some interfaces are exported as well :
- (common-xml-features).XPathResult
- (common-xml-features).XPathExpression
- (common-xml-features).XPathNSResolver
A helper function (experimental, returned value is not yet defined) for checking if the document is a content
- (common-xml-features).getParserError You can check if it returns null (no error) or not (parsing error).
Next
- Support another browsers : IE, Edge, Safari, ...
FAQs
Common XML API for renderer, node and master process
We found that common-xml-features demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 02 Nov 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PodRocket Podcast: Inside the Recent npm Supply Chain Attacks
Socket CEO Feross Aboukhadijeh discusses the recent npm supply chain attacks on PodRocket, covering novel attack vectors and how developers can protect themselves.
By Sarah Gooding - Oct 02, 2025
Security News
Package Maintainers Call for Improvements to GitHub’s New npm Security Plan
Maintainers back GitHub’s npm security overhaul but raise concerns about CI/CD workflows, enterprise support, and token management.
By Sarah Gooding - Sep 30, 2025