Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
html-screen-capture-js
Advanced tools
Readme
A tiny, highly-customizable, single-function javascript/typescript library that captures a webpage and returns a new lightweight, self-contained HTML document. The library removes all external file dependencies while preserving the original appearance of the page. At only 12KB, it offers unparalleled speed and peerless reliability.
This library can be used to:
License:
Go to the demo page and click the capture button
The code gets an HTML document as a parameter, and returns a new lightweight, self-contained HTML document object that preserves the appearance of the original page. The newly generated document strips out all scripts; CSS classes/styles are replaced by new in-document classes; and all image sources are replaced by inlined base64-encoded versions. The result is a single HTML document that looks like the original web page, but has no external dependencies like *.js, *.css, *.png, etc. It can easily be displayed, saved, archived or transferred. Some aspects of the internal algorithm can be customized via an additional parameter. The source code is written in ES6, and transpiled to ES5.
You can get this library from these sources:
Leave feedback or report a bug
You are all welcome to join the adventure.
capture([outputType], [htmlDocument], [options]);
An optional enum-type parameter, specifying the desired output. If not specified (falsey) - output will be returned as an object.
An optional object-type parameter, specifying the HTML document to capture. If not specified (falsey) - window.document is used.
An optional object-type parameter. You can change any default option value by defining a similarly named property within the object. If not specified (falsey), or specified but defining only some of the properties, default values are used for all non-defined properties.
The returned value is a static HTML document in the format specified by the OutputType parameter supplied to the function. Valid options are below:
import { capture, OutputType } from 'html-screen-capture-js';
...
const str = capture(
OutputType.STRING,
window.document,
{}
);
import {capture, OutputType} from 'html-screen-capture-js';
...
// capture the webpage
const htmlDocStr = capture(
OutputType.STRING,
window.document,
{
rulesToAddToDocStyle: [
'@import url("https://fonts.googleapis.com/css?family=Roboto&display=swap")'
],
cssSelectorsOfIgnoredElements: [
'.modal-dialog-backdrop',
'.modal-dialog--error'
]
}
);
// zip and convert
const jsZip = new JSZip();
jsZip.file('screen-capture.html', htmlDocStr);
const screenCaptureZipFile = await jsZip.generateAsync({type: 'blob', compression: 'DEFLATE'});
const screenCaptureZipFileBase64 = await this.convertBlobToBase64(screenCaptureZipFile);
// post to the server
$.ajax({
type: 'POST',
url: url,
headers: headers,
contentType: 'application/json',
dataType: 'json',
data: JSON.stringify({screenshot: screenCaptureZipFileBase64}),
});
var str = htmlScreenCaptureJs.capture(
'string',
window.document,
{}
);
If the library is missing a feature you need, you can help yourself:
// Set the output type parameter to OutputType.OBJECT (instead of the more common OutputType.STRING).
const htmlDocObj = capture(OutputType.OBJECT, ..., ...);
// Since the function now returns a DOM document object, you can further manipulate it via js.
...
...
...
// Once done, convert to a string.
const htmlDocStr = htmlDocObj.outerHTML;
// Continue as usual (sending the string to a server, etc.)
...
...
...
Obviously, you can also create a new enhancement request type issue here
FAQs
HTML Screen Capture JS
We found that html-screen-capture-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.