一种用 CSS 跨域传输文本的方案。相比 JSONP 更为安全,不需要执行跨站脚本。
通过读取 CSS3 content 属性获取传送内容。
<link> 加载完毕?收集线上的资料,发现常见的方案是计时器或者用 onpropertychange、DOMAttrModified。
考虑是 CSS3 场景,取巧用动画开始 (
animationstart) 这个事件来捕获。
Chrome、Safari 对
content样式属性字符解析并不一致
为避免未知解析规则影响,统一使用 base64 编码
function csst(id, text) {
return `
@keyframes ${id} {
from {
}
to {
color: red;
}
}
@-webkit-keyframes ${id} {
from {}
to {
color: red;
}
}
#${id} {
content: ${JSON.stringify(text)};
animation: ${id} 2s;
-webkit-animation: ${id} 2s;
}`;
}
$ npm run debug
$ npm run dist
http://jhtmls.com/idea/csst.html
FAQs
CSS Text Transformation
We found that csst demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.