Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
By Sarah Gooding - Dec 03, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
node-libxslt
Node.js bindings for libxslt compatible with libxmljs.
Installation
npm install libxslt
From source:
git clone https://github.com/albanm/node-libxslt.git
git submodule update --init
npm install
npm test
Basic usage
var libxslt = require('libxslt');
libxslt.parse(stylesheetString, function(err, stylesheet){
var params = {
MyParam: 'my value'
};
// 'params' parameter is optional
stylesheet.apply(documentString, params, function(err, result){
// err contains any error from parsing the document or applying the stylesheet
// result is a string containing the result of the transformation
});
});
Libxmljs integration
Node-libxslt depends on libxmljs in the same way that libxslt depends on libxml. This dependancy makes possible to bundle and to load in memory libxml only once for users of both libraries.
The libxmljs module required by node-libxslt is exposed as require('libxslt').libxmljs. This prevents depending on libxmljs twice which is not optimal and source of weird bugs.
It is possible to work with libxmljs documents instead of strings:
var libxslt = require('libxslt');
var libxmljs = libxslt.libxmljs;
var stylesheetObj = libxmljs.parseXml(stylesheetString, { nocdata: true });
var stylesheet = libxslt.parse(stylesheetObj);
var document = libxmljs.parseXml(documentString);
stylesheet.apply(document, function(err, result){
// result is now a libxmljs document containing the result of the transformation
});
This is only useful if you already needed to parse a document before applying the stylesheet for previous manipulations. Or if you wish to be returned a document instead of a string for ulterior manipulations. In these cases you will prevent extraneous parsings and serializations.
Includes
XSL includes are supported but relative paths must be given from the execution directory, usually the root of the project.
Includes are resolved when parsing the stylesheet by libxml. Therefore the parsing task becomes IO bound, which is why you should not use synchronous parsing when you expect some includes.
Sync or async
The same parse() and apply() functions can be used in synchronous mode simply by removing the callback parameter. In this case if a parsing error occurs it will be thrown.
var lixslt = require('libxslt');
var stylesheet = libxslt.parse(stylesheetString);
var result = stylesheet.apply(documentString);
The asynchronous functions use the libuv work queue to provide parallelized computation in node.js worker threads. This makes it non-blocking for the main event loop of node.js.
Note that libxmljs parsing doesn't use the work queue, so only a part of the process is actually parallelized.
A small benchmark is available in the project. It has a very limited scope, it uses always the same small transformation a few thousand times. To run it use:
node benchmark.js
This is an example of its results with an intel core i5 3.1GHz:
10000 synchronous parse from parsed doc in 52ms = 192308/s
10000 asynchronous parse in series from parsed doc in 229ms = 43668/s
10000 asynchronous parse in parallel from parsed doc in 56ms = 178571/s
10000 synchronous apply from parsed doc in 329ms = 30395/s
10000 asynchronous apply in series from parsed doc in 569ms = 17575/s
10000 asynchronous apply in parallel from parsed doc in 288ms = 34722/s
Observations:
- it's pretty fast !
- asynchronous is slower when running in series.
- asynchronous can become faster when concurrency is high.
Conclusion:
- use asynchronous by default it will be kinder to your main event loop and is pretty fast anyway.
- use synchronous only if you really want the highest performance and expect low concurrency.
- of course you can also use synchronous simply to reduce code depth. If you don't expect a huge load it will be ok.
- DO NOT USE synchronous parsing if there is some includes in your XSL stylesheets.
Environment compatibility
For now 64bits linux and 32bits windows are confirmed. Other environments are probably ok, but not checked. Please report an issue if you encounter some difficulties.
Node-libxslt depends on node-gyp, you will need to meet its requirements. This can be a bit painful mostly for windows users. The node-gyp version bundled in your npm will have to be greater than 0.13.0, so you might have to follow these instructions to upgrade. There is no system dependancy otherwise, libxslt is bundled in the project.
API Reference
Node.js bindings for libxslt compatible with libxmljs
libxslt.libxmljs
The libxmljs module. Prevents the need for a user's code to require it a second time. Also prevent weird bugs.
Kind: static property of libxslt
libxslt.parse(source, [callback]) ⇒ Stylesheet
Parse a XSL stylesheet
If no callback is given the function will run synchronously and return the result or throw an error.
Kind: static method of libxslt
Returns: Stylesheet - Only if no callback is given.
| Param | Type | Description |
|---|---|---|
| source | string | Document | The content of the stylesheet as a string or a libxmljs document |
| [callback] | parseCallback | The callback that handles the response. Expects err and Stylesheet object. |
libxslt.parseFile(sourcePath, callback)
Parse a XSL stylesheet
Kind: static method of libxslt
| Param | Type | Description |
|---|---|---|
| sourcePath | stringPath | The path of the file |
| callback | parseFileCallback | The callback that handles the response. Expects err and Stylesheet object. |
libxslt~Stylesheet
Kind: inner class of libxslt
new Stylesheet(stylesheetDoc, stylesheetObj)
A compiled stylesheet. Do not call this constructor, instead use parse or parseFile.
store both the source document and the parsed stylesheet if we don't store the stylesheet doc it will be deleted by garbage collector and it will result in segfaults.
| Param | Type | Description |
|---|---|---|
| stylesheetDoc | Document | XML document source of the stylesheet |
| stylesheetObj | Document | Simple wrapper of a libxslt stylesheet |
stylesheet.apply(source, [params], [options], [callback]) ⇒ string | Document
Apply a stylesheet to a XML document
If no callback is given the function will run synchronously and return the result or throw an error.
Kind: instance method of Stylesheet
Returns: string | Document - Only if no callback is given. Type is the same as the source param.
| Param | Type | Description |
|---|---|---|
| source | string | Document | The XML content to apply the stylesheet to given as a string or a libxmljs document |
| [params] | object | Parameters passed to the stylesheet (http://www.w3schools.com/xsl/el_with-param.asp) |
| [options] | applyOptions | Options |
| [callback] | applyCallback | The callback that handles the response. Expects err and result of the same type as the source param passed to apply. |
stylesheet.applyToFile(sourcePath, [params], [options], callback)
Apply a stylesheet to a XML file
Kind: instance method of Stylesheet
| Param | Type | Description |
|---|---|---|
| sourcePath | string | The path of the file to read |
| [params] | object | Parameters passed to the stylesheet (http://www.w3schools.com/xsl/el_with-param.asp) |
| [options] | applyOptions | Options |
| callback | applyToFileCallback | The callback that handles the response. Expects err and result as string. |
libxslt~parseCallback : function
Callback to the parse function
Kind: inner typedef of libxslt
| Param | Type |
|---|---|
| [err] | error |
| [stylesheet] | Stylesheet |
libxslt~parseFileCallback : function
Callback to the parseFile function
Kind: inner typedef of libxslt
| Param | Type |
|---|---|
| [err] | error |
| [stylesheet] | Stylesheet |
libxslt~applyOptions
Options for applying a stylesheet
Kind: inner typedef of libxslt
Properties
| Name | Type | Description |
|---|---|---|
| outputFormat | String | Force the type of the output, either 'document' or 'string'. Default is to use the type of the input. |
| noWrapParams | boolean | If true then the parameters are XPath expressions, otherwise they are treated as strings. Default is false. |
libxslt~applyCallback : function
Callback to the Stylesheet.apply function
Kind: inner typedef of libxslt
| Param | Type | Description |
|---|---|---|
| [err] | error | Error either from parsing the XML document if given as a string or from applying the styleshet |
| [result] | string | Document | Result of the same type as the source param passed to apply |
libxslt~applyToFileCallback : function
Callback to the Stylesheet.applyToFile function
Kind: inner typedef of libxslt
| Param | Type | Description |
|---|---|---|
| [err] | error | Error either from reading the file, parsing the XML document or applying the styleshet |
| [result] | string |
documented by jsdoc-to-markdown.
FAQs
[Fork] Node.js bindings for libxslt compatible with libxmljs
We found that libxslt demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 18 Aug 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024