Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
grunt-assets-inline-cn
Advanced tools
A grunt task which takes a html file, finds all the css, js links and images, and outputs a version with all the css, js and images (Base64) written inline.
A grunt task which takes a html file, finds all the css, js links and images, and outputs a version with all the css, js and images (Base64) written inline.
This is a fork of original grunt-html-smoosher by Ben Breedlove with fixes and new features.
This plugin requires Grunt ~0.4.1
If you haven't used Grunt before, be sure to check out the Getting Started guide, as it explains how to create a Gruntfile as well as install and use Grunt plugins. Once you're familiar with that process, you may install this plugin with this command:
npm install grunt-assets-inline --save-dev
One the plugin has been installed, it may be enabled inside your Gruntfile with this line of JavaScript:
grunt.loadNpmTasks('grunt-assets-inline');
In your project's Gruntfile, add a section named assets_inline
to the data object passed into grunt.initConfig()
.
grunt.initConfig({
assets_inline: {
options: {
jsTags: { // optional
start: '<script type="text/javascript">', // default: <script>
end: '</script>' // default: </script>
},
},
all: {
files: {
'dest-index.html': 'source-index.html',
},
},
},
});
Defaults to false
.
Minify scripts with UglifyJS.
grunt.initConfig({
assets_inline: {
all: {
options: {
minify: true
},
files: {
'dest-index.html': 'source-index.html',
},
},
},
});
Defaults to ""
.
When you have absolute paths for your external assets, it helps to add the local address of your asset files; relative to uncompiled HTML file.
grunt.initConfig({
assets_inline: {
all: {
options: {
jsDir: "../",
cssDir: "/project/styles/",
assetsDir: "/project/"
},
files: {
'dest-index.html': 'source-index.html',
},
},
},
});
Example
If the local cwd for your uncompiled file is /project/html
then the above settings would resolve:
<script src="/assets/js/script.js">
will use a local file at /project/js/script.js
<link href="/assets/css/styles.css">
will use a local file at /project/styles/assets/css/styles.css
<img src="/assets/svg/header.svg">
will use a local file at /project/assets/svg/header.svg
Defaults to false
.
If you want to smoosh img
sources to Base64 in HTML, you can set inlineImg
to true.
grunt.initConfig({
assets_inline: {
all: {
options: {
inlineImg: true
},
files: {
'dest-index.html': 'source-index.html',
},
},
},
});
Defaults to true
.
If you want to smoosh SVGs in img
tags in HTML, you can set inlineSvg
to true.
grunt.initConfig({
assets_inline: {
all: {
options: {
inlineSvg: true
},
files: {
'dest-index.html': 'source-index.html',
},
},
},
});
<img src="src/to/header.svg">
will turn into <img src="data:image/svg+xml;utf8,<svg xmlns='http://www.w3.org/2000/svg' width='2175...
.
Defaults to false
.
grunt.initConfig({
assets_inline: {
all: {
options: {
inlineSvg: true,
inlineSvgBase64: true
},
files: {
'dest-index.html': 'source-index.html',
},
},
},
});
SVG images are inlined directly into HTML by default. To have more compatibility with older browsers, you can also Base64 SVGs:
<img src="src/to/header.svg">
will turn into <img src="data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0...
.
Please note that Base64 generated files are always slightly bigger than the original files.
If you have assets in CSS or JS (for example images, fonts, SVGs), smooshing CSS or JS into HTMLs may break relative URLs, so you may have to replace the original URLs to absolute URLs.
This option only searchs for URLs begin with ../
.
grunt.initConfig({
assets_inline: {
all: {
options: {
assetsUrlPrefix: '<%= config.base %>/assets/'
},
files: {
'dest-index.html': 'source-index.html',
},
},
},
});
Defaults to ""
.
grunt.initConfig({
assets_inline: {
all: {
options: {
includeTag: "?assets-inline"
},
files: {
'dest-index.html': 'source-index.html',
},
},
},
});
By default all CSS and JS files are smooshed in HTML, If you only need specific files to be smooshed, you should define includeTag
.
For example the above configuration only smoosh filenames with ?assets-inline
queries:
<link href="/assets/css/styles.css?assets-inline">
Defaults to
{
start: "<style>",
end: "</style>"
}
Defaults to
{
start: "<script>",
end: "</script>"
}
Defaults to
{
deleteOriginals: false
}
You can delete smooshed files after the main task. Please note that once a file is smooshed into the HTML, it will marked as pending delete, no matter if it is included elsewhere without smooshing.
Defaults to
{
verbose: false
}
Get detailed output log.
In lieu of a formal styleguide, take care to maintain the existing coding style. Add unit tests for any new or changed functionality. Lint and test your code using Grunt.
CHANGELOG.md
for further release historyassetsDir
, inlineSvg
, and inlineSvgBase64
supportassetsUrlPrefix
assetsUrlPrefix
support for fixing relative assets URLs in smooshed CSSignoreImg
supportincludeTag
support, only selected files will be smooshed if this option is definedFAQs
A grunt task which takes a html file, finds all the css, js links and images, and outputs a version with all the css, js and images (Base64) written inline.
We found that grunt-assets-inline-cn demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.