Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
details-dialog-element
Advanced tools
A modal dialog that's opened with a <details> button.
$ npm install --save details-dialog-element
import 'details-dialog-element'
<details>
<summary>Open dialog</summary>
<details-dialog>
Modal content
<button type="button" data-close-dialog>Close</button>
</details-dialog>
</details>
Dialog content can be loaded from a server by embedding an <include-fragment>
element.
<details>
<summary>Robots</summary>
<details-dialog src="/robots" preload>
<include-fragment>Loading…</include-fragment>
</details-dialog>
</details>
The src
attribute value is copied to the <include-fragment>
the first time the <details>
button is toggled open, which starts the server fetch.
If the preload
attribute is present, hovering over the <details>
element will trigger the server fetch.
details-dialog-close
details-dialog-close
event is fired from <details-dialog>
when a request to close the dialog is made from
summary, [data-close-dialog]
, ordialog.toggle(false)
This event bubbles, and can be canceled to keep the dialog open.
document.addEventListener('details-dialog-close', function(event) {
if (!confirm('Are you sure?')) {
event.preventDefault()
}
})
Browsers without native custom element support require a polyfill.
npm install
npm test
Distributed under the MIT license. See LICENSE for details.
FAQs
A modal dialog opened with a <details> button.
The npm package details-dialog-element receives a total of 6 weekly downloads. As such, details-dialog-element popularity was classified as not popular.
We found that details-dialog-element demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.