Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
in-view-custom
Advanced tools
Get notified when a DOM element enters or exits the viewport. A small (~1.9kb gzipped), dependency-free, javascript utility for IE9+.
Either download the latest release and include it in your markup or install with npm:
npm install --save in-view
With in-view, you can register handlers that are called when an element enters or exits the viewport. Each handler receives one element, the one entering or exiting the viewport, as its only argument.
inView('.someSelector')
.on('enter', doSomething)
.on('exit', el => {
el.style.opacity = 0.5;
});
in-view maintains a separate handler registry for each set of elements captured with inView(<selector>)
. Each registry exposes the same four methods. in-view also exposes four top-level methods. (is
, offset
, threshold
, test
).
Register a handler to the elements selected by
selector
forevent
. The only events in-view emits are'enter'
and'exit'
.
inView('.someSelector').on('enter', doSomething);
Register a handler to the elements selected by
selector
forevent
. Handlers registered withonce
will only be called once.
inView('.someSelector').once('enter', doSomething);
Check if
element
is in the viewport.
inView.is(document.querySelector('.someSelector'));
// => true
By default, in-view considers something in viewport if it breaks any edge of the viewport. This can be used to set an offset from that edge. For example, an offset of
100
will consider elements in viewport if they break any edge of the viewport by at least100
pixels.offset
can be a positive or negative integer.
inView.offset(100);
inView.offset(-50);
Offset can also be set per-direction by passing an object.
inView.offset({
top: 100,
right: 75,
bottom: 50,
left: 25
});
Set the ratio of an element's height and width that needs to be visible for it to be considered in viewport. This defaults to
0
, meaning any amount. A threshold of0.5
or1
will require that half or all, respectively, of an element's height and width need to be visible.threshold
must be a number between0
and1
.
inView.threshold(0); inView.threshold(0.5); inView.threshold(1);
Override in-view's default visibility criteria with a custom function. This function will receive the element and the options object as its only two arguments. Return
true
when an element should be considered visible andfalse
otherwise.
inView.test((el, options) => { // ... });
Manually check the status of the elements selected by
selector
. By default, all registries are checked onwindow
'sscroll
,resize
, andload
events.
inView('.someSelector').check();
Manually emit
event
for any single element.
inView('.someSelector').emit('exit', document.querySelectorAll('.someSelector')[0]);
in-view supports all modern browsers and IE9+.
As a small caveat, in-view utilizes MutationObserver to check the visibility of registered elements after a DOM mutation. If that's functionality you need in IE9-10, consider using a polyfill.
Any library that watches scroll events runs the risk of degrading page performance. To mitigate this, currently, in-view only registers a single, throttled (maximum once every 100ms) event listener on each of window
's load
, resize
, and scroll
events and uses those to run a check on each registry.
There's an emerging browser API, IntersectionObserver
, that aims to provide developers with a performant way to check the visibility of DOM elements. Going forward, in-view will aim to delegate to IntersectionObserver
when it's supported, falling back to polling only when necessary.
License MIT
FAQs
Get notified when a DOM element enters or exits the viewport.
We found that in-view-custom demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.