Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
A modern and simple modal
NPM
npm install --save modal.js
Not recommended! My use of styles is disgusting, You are warned!
$().modal({"content": {"type":"text","data": "Hola mundo!" }});
$().modal({"content": {"type":"image", "data": "http://lorempixel.com/400/200/"}})
The parameter is json with this structure:
'content' : { //<-- Content!
'type' : String, //<-- Type of data entry. Default: text. It must exist on plugin.json
'data' : Object, //<-- Any data to show. Here.
'className' : String, //<-- Name of class on css who define style of content.
},
'shape' : { //<-- Shape!
'className' : String, //<-- Name of class on css who define style of the shape literally*
'style' : String //<-- Name of class on css who define style of the canvas of content*
}
'layout' : String, //<-- Define layout of modal*
'header' : { //<-- Header!
'icon' : String, //<-- If you wanna set a icon or a something on header but not content.
'title' : { //<-- Title!
'className' : String, //<-- Name of class on css who define style of title header.
'content' : String //<-- Text of title
}
},
'close' : { //<-- Close modal!
'button' : Boolean, //<-- True or empty or null create a close button. False dont.
'escape' : Boolean //<-- True or empty or null set key 'Esc' to close modal.
},
'acc' : { //<-- Accessibility time!
'text' : String //<-- Text to read for accessibility readers.
},
'btns' : [{ //<-- Buttons everywhere! Is an array of buttons.
'value' : String, //<-- Text display on button.
'shape' : String, //<-- Name of class on css who define a style of button.
'type' : String, //<-- Define event of button. Function, link or close modal.
'action' : String, //<-- Define funcion or link of type button.
'close' : Boolean, //<-- True or empty or null button close modal. False dont.
'key' : CharCode //<-- Charcode of key trigger of btn.
}],
'overlay' : { //<-- Overlay!
'className' : String, //<-- Overwrite style of overlay.
'click' : Boolean //<-- True, empty or null close modal on click overlay. False dont.
},
'width' : String //<-- Set with of modal. Auto for default.
You can modify defaults modal.json.
"dfts" : {
"shapeClassname":"modalShape-dft",
"shapeStyle":"modalStyle-dft",
"layout":"modalType-dft",
"icon":"",
"contentClassname":"modalContent-dft",
"acc":"Ventana modal abierta. Presiona escape para cerrar la ventana",
"show": ""
}
Use text plugin for guide you.
Not only can create a different templates of same modal, different modal too! You have access a args (parameter of modal), and you add custom variables on parameters.
I create a youtube video modal:
"iframe" : { //<-- name of new plugin or modal type.
"element" : "iframe", //<-- element create on body of modal
"objAttrs" :{ //<-- objAttrs set attributes on obj element
"id": "'mFrame-content'", //<-- iframe.id
"width": "args.content.width", //<-- iframe.width
"height": "args.content.height", //<-- iframe.height
"src" : "data" //<-- iframe.src
},
"attrs" : { //<-- attrs set attributes on dom element
"frameborder" : "'0'", //<-- iframe.setAttribute("frameborder","0")
"allowfullscreen" : "''", //<-- iframe.setAttribute("allowfullscreen","")
"mozallowfullscreen" : "''",
"webkitallowfullscreen" : "''",
"hspace" : "'0'",
"vspace" : "'0'",
"scrolling" : "'auto'"
},
"dfts" : {
"shapeClassname":"",
"shapeStyle":"",
"layout":"",
"icon":"",
"contentClassname":"",
"acc":""
}
}
NOTE: Important! objAttrs and attrs is under eval. You can use variables of args (parameter of modal) and set new parameters. Example: width, height and id. If you pass string need double quotes " ' ' ".
Url of "plugins" or types of modals need this structure:
but before call modal js you can overwrite url: urlModal = "js/modal.json" -> Default
Modal.js is a project by Rodrigo Perrote.
FAQs
A simple modern modal
The npm package modal.js receives a total of 0 weekly downloads. As such, modal.js popularity was classified as not popular.
We found that modal.js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.