Security News
MCP Community Begins Work on Official MCP Metaregistry
The MCP community is launching an official registry to standardize AI tool discovery and let agents dynamically find and install MCP servers.
By Sarah Gooding - May 09, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
html-head-component
Advanced tools
html-head-component
A native web component for everything which might go in the <head> of your document.
Head Component
A native web component for everything which might go in the
<head>of your document.
Visitor stats
Code stats
Install
npm i html-head-component
# or
yarn add html-head-component
Usage
In your JavaScript/TypeScript entry point:
import 'html-head-component';
You can also include the web component directly from unpkg.com:
import('https://unpkg.com/html-head-component');
or
<script async src="https://unpkg.com/html-head-component"></script>
Then add the component in your HTML/JSX markup:
The custom component should be placed in the <body> tag. If you try to place it in the <head> the browser will explicitly move it in the <body> and you might experience issues with the rest of the elements in the <head>.
Using the data attribute
<html-head-component
data='
[
{
"tag": "title",
"content": "Title"
},
{
"tag": "meta",
"name": "author",
"content": "Scriptex"
},
{
"tag": "link",
"rel": "stylesheet",
"href": "./style.css"
}
]
'
></html-head-component>
Using the src attribute
<html-head-component src="./data.json"></html-head-component>
Usage details
The web component accepts two attributes:
srcwhich is a valid path to a JSON file containing array of objects.datawhich is a valid JSON string which represents an array of objects.
Only one of those attributes should be used. If both are used, the src attribute overwrites the data attribute.
Each object in the JSON array should have a tag property which specifies the HTML element which will be rendered.
The rest of the properties in the object specify the attributes and their content in key:value pairs (attribute:attribute-content).
There are several exceptions:
- The document title's content is rendered as
innerHTMLof the<title>tag. - Each
styletag's content property will be rendered asinnerHTMLof the<style>tag. - Each
scripttag's content property will be rendered asinnerHTMLof the<script>tag. - Each
noscripttag's content property will be rendered asinnerHTMLof the<noscript>tag.
React with TypeScript
If you're using React with TypeScript, you need to extends the JSX IntrinsicElements interface so TypeScript knows that the html-head-component element exists.
You can do so in a custom.d.ts file in your project's root folder. Don't forget to add that file in your tsconfig.json!
declare namespace JSX {
interface IntrinsicElements {
html-head-component: any;
}
}
Full example
You can check out the demo usage using data attribute.
Or
You can check out the demo usage using src attribute.
Full list of what can go in the <head> of your document, please check this awesome repository
LICENSE
MIT
Connect with me:
Support and sponsor my work:
FAQs
A native web component for everything which might go in the <head> of your document.
The npm package html-head-component receives a total of 115 weekly downloads. As such, html-head-component popularity was classified as not popular.
We found that html-head-component demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 07 Nov 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
By Kush Pandya - May 08, 2025
Research
Security News
Backdooring the IDE: Malicious npm Packages Hijack Cursor Editor on macOS
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.
By Kirill Boychenko - May 07, 2025