Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
iframely
oEmbed/2 gateway endpoint. Get embed data for various http links through one self-hosted API
Iframely API for Responsive Web Embeds
Iframely is fast and simple HTTP API for responsive web embeds and semantic meta. The API covers well over 1800 domains through 200 custom domain plugins and generic parsers for oEmbed, Open Graph and Twitter Cards, powered by Iframely's whitelist.
The whitelist file is pulled from iframely.com and is updated automatically. You can also have your own whitelist file. The whitelisting is manual process, and we do every-day manual regression testing to ensure integrity. Submit your domain, if you publish embeds.
HTTP API are available as oEmbed or Iframely API formats. To make it simple to understand, Iframely format mimics the <head> section of the page with its meta and links elements.
In response to url request, APIs returns you the embeds and meta for a requested web page. Below are data samples from hosted API, just to show you the format:
Iframely can also be used as Node.js library.
Requires Node version 0.10.22 and up.
Get started:
To get started with the APIs:
- There's a hosted version of these APIs at iframely.com, if you'd rather rely on the cloud
- How to install & configure your Iframely host.
- API in Iframely format
- API in oEmbed format
- About Link Rels, Types and Media Queries in Iframely format (players, thumbnails, app, reader, survey, slideshow, etc)
- META semantics Iframely API scrapes for you.
Contribute
We put our best effort to maintain Iframely and all its domain parsers. Please, feel free to reach us on Twitter or to submit an issue if you have any suggestions. Our support email is support at iframely.com
Fork and pull-request, if you'd like to add more plugins and/or contribute fixes or improvements. By doing so, you make your work available under the same MIT license.
If you see an error in our domains whitelist (you can debug URLs here), please ping us and we'll fix it in no time.
License & Authors
MIT License. (c) 2012-2016 Itteco Software Corp. Nazar Leush, Ivan Paramonau
Please, check the contributors list to get to know awesome folks that also helped a lot.
FAQs
oEmbed/2 gateway endpoint. Get embed data for various http links through one self-hosted API
The npm package iframely receives a total of 27,355 weekly downloads. As such, iframely popularity was classified as popular.
We found that iframely demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 18 Aug 2016
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025
Application Security
/Research
/Security News
Updated and Ongoing Supply Chain Attack Targets CrowdStrike npm Packages
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
By Kush Pandya, Peter van der Zee, Olivia Brown, Socket Research Team - Sep 16, 2025