Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
ngx-quicklink
Advanced tools
quicklink implementation for Angular. It provides router preloading strategy which automatically downloads the lazy-loaded modules associated with all the visible links on the screen.
Quicklink attempts to make navigations to subsequent pages load faster. It:
routerLink
s within the viewport (using Intersection Observer)navigator.connection.effectiveType
) or has data-saver enabled (using navigator.connection.saveData
)This project aims to be a drop-in solution for sites to prefetch links based on what is in the user's viewport. It also aims to be small (~2KB minified/gzipped).
First you need to install the project:
npm i ngx-quicklink --save
After that import the QuicklinkModule
to the AppComponent
, and use the QuicklinkStrategy
as preloadingStrategy
in the router's configuration. For example:
// ...
import { QuicklinkModule, QuicklinkStrategy } from 'ngx-quicklink';
@NgModule({
declarations: [...],
imports: [
// ...
QuicklinkModule,
RouterModule.forRoot(routes, { preloadingStrategy: QuicklinkStrategy }),
],
bootstrap: [...]
})
export class AppModule {}
If you want to add a route in the ignore list so that ngx-quicklink
will not preload it use the data
property:
export const routes: Routes = [
{
path: 'contact',
loadChildren: './contact/contact.module#ContactModule',
data: {
preload: false
}
}
];
Note that to make the module available in lazy-loaded modules as well you need to import it in a shared module and export it. Look at this commit to see how ngx-quicklink
is integrated in the angular-realworld-example-app.
For a demo, look at the example
directory. To run the project use:
cd ngx-quicklink && npm i && npm run release
cd example && npm i && ng serve
ngx-quicklink
:
IntersectionObserver
to be supported (see CanIUse). On older browsers ngx-quicklink
preloads all links on the page. If you want to enable the IntersectionObserver
behavior on older browsers you can use conditional polyfill loading:<script src="https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver"></script>
Alternatively, see the Intersection Observer polyfill.
What's the difference between quicklink and ngx-quicklink?
quicklink prefetches the resource pointed by the
href
attribute of an anchor. This doesn't work for Angular because the value of thehref
attribute is not a JavaScript bundle but a path defined inside of the routing configuration. ngx-quicklink introduces some additional functionality to make the same strategy work well with Angular.
Should I use Guess.js or ngx-quicklink?
The prefetching behavior of Guess.js would most likely be more accurate compared to ngx-quicklink, which will reduce the overfetching. Guess.js, however, may take a little more effort to setup. In case you don't want to integrate with the analytics of your website ngx-quicklink is the right choice for you.
mgechev | wKoza | rolaveric | thekiba |
MIT
FAQs
Unknown package
We found that ngx-quicklink demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.