Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
dropzone
Advanced tools
Readme
Dropzone is a JavaScript library that turns any HTML element into a dropzone. This means that a user can drag and drop a file onto it, and Dropzone will display file previews and upload progress, and handle the upload for you via XHR.
It's fully configurable, can be styled according to your needs and is trusted by thousands.
Install:
$ npm install --save dropzone
# or with yarn:
$ yarn add dropzone
Use as ES6 module (recommended):
import { Dropzone } from "dropzone";
const dropzone = new Dropzone("div#myId", { url: "/file/post" });
or use as CommonJS module:
const { Dropzone } = require("dropzone");
const dropzone = new Dropzone("div#myId", { url: "/file/post" });
👉 Checkout our example implementations for different bundlers
Use the standalone files like this:
<script src="https://unpkg.com/dropzone@5/dist/min/dropzone.min.js"></script>
<link
rel="stylesheet"
href="https://unpkg.com/dropzone@5/dist/min/dropzone.min.css"
type="text/css"
/>
<div class="my-dropzone"></div>
<script>
// Dropzone has been added as a global variable.
const dropzone = new Dropzone("div.my-dropzone", { url: "/file/post" });
</script>
src/options.js
for all available options⚠️ NOTE: We are currently moving away from IE support to make the library more lightweight. If you don't care about IE but about size, you can already opt into
6.0.0-beta.1
. Please make sure to pin the specific version since parts of the API might change slightly. You can always read about the changes in theCHANGELOG
file.
If you need support please use the discussions section or
stackoverflow with the dropzone.js
tag and not the GitHub issues
tracker. Only post an issue here if you think you discovered a bug.
If you have a feature request or want to discuss something, please use the discussions as well.
⚠️ Please read the contributing guidelines before you start working on Dropzone!
thumbnail(file, data)
and display the image wherever you likeSee LICENSE file
FAQs
Handles drag and drop of files for you.
The npm package dropzone receives a total of 425,439 weekly downloads. As such, dropzone popularity was classified as popular.
We found that dropzone demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.