Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
ngx-dropzone
Advanced tools
A lightweight and highly customizable Angular dropzone component for file uploads.
For a demo see DEMO. And the CODE for the demo.
$ npm install --save ngx-dropzone
// in app.module.ts
import { NgxDropzoneModule } from 'ngx-dropzone';
@NgModule({
...
imports: [
NgxDropzoneModule
],
...
})
export class AppModule { }
<!-- in app.component.html -->
<ngx-dropzone (change)="onSelect($event)">
<ngx-dropzone-label>Drop it, baby!</ngx-dropzone-label>
<ngx-dropzone-preview *ngFor="let f of files" [removable]="true" (removed)="onRemove(f)">
<ngx-dropzone-label>{{ f.name }} ({{ f.type }})</ngx-dropzone-label>
</ngx-dropzone-preview>
</ngx-dropzone>
// in app.component.ts
files: File[] = [];
onSelect(event) {
console.log(event);
this.files.push(...event.addedFiles);
}
onRemove(event) {
console.log(event);
this.files.splice(this.files.indexOf(event), 1);
}
You can also use special preview components to preview images or videos:
<ngx-dropzone-image-preview ngProjectAs="ngx-dropzone-preview" *ngFor="let f of files" [file]="f">
<ngx-dropzone-label>{{ f.name }} ({{ f.type }})</ngx-dropzone-label>
</ngx-dropzone-image-preview>
<ngx-dropzone-video-preview ngProjectAs="ngx-dropzone-preview" *ngFor="let f of files" [file]="f">
<ngx-dropzone-label>{{ f.name }} ({{ f.type }})</ngx-dropzone-label>
</ngx-dropzone-video-preview>
This component is the actual dropzone container. It contains the label and any file previews. It has an event listener for file drops and you can also click it to open the native file explorer for selection.
Use it as a stand-alone component <ngx-dropzone></ngx-dropzone>
or by adding it as an attribute to a custom div
(<div class="custom-dropzone" ngx-dropzone></div>
).
It will add the classes ngx-dz-hovered
and ngx-dz-disabled
to its host element if necessary. You could override the styling of these effects if you like to.
This component has the following Input properties:
[multiple]
: Allow the selection of multiple files at once. Defaults to true
.accept
: Set the accepted file types (as for a native file element). Defaults to '*'
. Example: accept="image/jpeg,image/jpg,image/png,image/gif"
[maxFileSize]
: Set the maximum size a single file may have, in bytes. Defaults to undefined
.[disabled]
: Disable any user interaction with the component. Defaults to false
.[expandable]
: Allow the dropzone container to expand vertically as the number of previewed files increases. Defaults to false
which means that it will allow for horizontal scrolling.[disableClick]
: Prevent the file selector from opening when clicking the dropzone.[id], [aria-label], [aria-labelledby]
, [aria-describedby]
: Forward the accessibility properties to the file input element.[processDirectoryDrop]
: Enable extracting files from dropped directories. Defaults to false
.It has the following Output event:
(change)
: Emitted when any files were added or rejected. It returns a NgxDropzoneChangeEvent
with the properties source: NgxDropzoneComponent
, addedFiles: File[]
and rejectedFiles: RejectedFile[]
.The RejectedFile
extends the native File and adds an optional reason property to tell you why the file was rejected. Its value will be either 'type'
for the wrong acceptance type, size
if it exceeds the maximum file size or no_multiple
if multiple is set to false and more than one file is provided.
If you'd like to show the native file selector programmatically then do it as follows:
<ngx-dropzone #drop></ngx-dropzone>
<button (click)="drop.showFileSelector()">Open</button>
This component has no attributes or methods and acts as a container for the label text using content projection. You can place anything inside of it and the text will always be centered.
This component shows a basic file preview when added inside the dropzone container. The previews can be focused using the tab key and be deleted using the backspace or delete keys.
This component has the following Input properties:
[file]
: The dropped file to preview.[removable]
: Allow the user to remove files. Required to allow keyboard interaction and show the remove badge on hover.It has the following Output event:
(removed)
: Emitted when the element should be removed (either by clicking the remove badge or by pressing backspace/delete keys). Returns the file from the Input property.The ngx-dropzone-image-preview
and ngx-dropzone-video-preview
components inherit from this component but expand the preview functionality to display either images or videos directly in the component. See the wiki on how to implement your own custom preview components.
This component is used within the previews to remove selected files. You can use it within your own preview component implementation if you like (see the wiki).
How to upload a file to a Web API?
MIT © Peter Freeman
FAQs
A highly configurable dropzone component for Angular.
The npm package ngx-dropzone receives a total of 45,055 weekly downloads. As such, ngx-dropzone popularity was classified as popular.
We found that ngx-dropzone demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.