Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
jquery-inview
Advanced tools
Event that is fired as soon as an element appears in the user's viewport.
The script makes use of the new $.contains method - so it will only work with jQuery 1.8 upwards. If you need to use it with older versions of jQuery, drop a comment, and I'll post an alternative.
The event will only fire when the element comes in to view of the viewport, and out of view. It won't keep firing if the user scrolls and the element remains in view.
The variable after the event argument indicates the visible state in the viewport.
$('div').on('inview', function(event, isInView) {
if (isInView) {
// element is now visible in the viewport
} else {
// element has gone out of viewport
}
});
To stop listening for the event - simply unbind:
$('div').off('inview');
Remember you can also bind once:
$('div').one('inview', fn);
Live events
Yep, inview events can also be used with .on/.delegate methods. Please note that this could slow down your app when the selector is too complex and/or matches a huge set of elements. The following code snippet only loads images when they appear in the browser's viewport.
// Assuming that all images have set the 'data-src' attribute instead of the 'src'attribute
$("body").on("inview", "img[data-src]", function() {
var $this = $(this);
$this.attr("src", $this.attr("data-src"));
// Remove it from the set of matching elements in order to avoid that the handler gets re-executed
$this.removeAttr("data-src");
});
The Test Suite succeeds in the following browsers that were tested:
FAQs
Element 'inview' Event Plugin
The npm package jquery-inview receives a total of 2,322 weekly downloads. As such, jquery-inview popularity was classified as popular.
We found that jquery-inview demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.