Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
node-html-parser
Advanced tools
A very fast HTML parser, generating a simplified DOM, with basic element query support.
The node-html-parser package is a fast HTML parser designed for Node.js, which allows users to parse HTML documents and manipulate the resulting DOM tree. It provides an API to navigate and modify the DOM, extract data, and serialize DOM back to HTML.
Parsing HTML string to DOM
This feature allows you to parse a string containing HTML and creates a DOM tree that can be manipulated. The example code demonstrates parsing an HTML string and logging the structure of the first child element.
const { parse } = require('node-html-parser');
const root = parse('<ul id="list"><li>Hello World</li></ul>');
console.log(root.firstChild.structure);
Querying the DOM
This feature enables querying the DOM tree for elements using selectors. The code sample shows how to select the first 'li' element and log its text content.
const { parse } = require('node-html-parser');
const root = parse('<ul id="list"><li>Hello World</li></ul>');
const listItem = root.querySelector('li');
console.log(listItem.text);
Modifying the DOM
This feature allows you to modify the DOM tree by changing the content of elements. In the example, the content of the 'li' element is changed from 'Hello World' to 'Hello Universe', and the updated HTML is logged.
const { parse } = require('node-html-parser');
const root = parse('<ul id="list"><li>Hello World</li></ul>');
const listItem = root.querySelector('li');
listItem.set_content('Hello Universe');
console.log(root.toString());
Serializing DOM back to HTML
After manipulating the DOM, you can serialize it back to an HTML string. The code sample demonstrates how to convert the DOM tree back into an HTML string and log it.
const { parse } = require('node-html-parser');
const root = parse('<div><p>Hello World</p></div>');
const html = root.toString();
console.log(html);
Cheerio is a fast, flexible, and lean implementation of core jQuery designed specifically for the server. It provides a familiar jQuery interface to traverse and manipulate the DOM. Compared to node-html-parser, cheerio offers a more extensive API and is more widely used for web scraping and server-side DOM manipulation.
jsdom is a pure-JavaScript implementation of many web standards, notably the WHATWG DOM and HTML Standards, for use with Node.js. It is more heavyweight compared to node-html-parser as it aims to provide a comprehensive simulation of a web browser's environment. jsdom is suitable for more complex tasks that require a full DOM API and the ability to execute scripts.
parse5 is an HTML parsing/serialization toolset for Node.js that adheres to the HTML5 specification. It is designed to be a spec-compliant parsing library, which makes it suitable for projects that require high standards of HTML parsing accuracy. Compared to node-html-parser, parse5 may be slower but offers better standards compliance.
Fast HTML Parser is a very fast HTML parser. Which will generate a simplified DOM tree, with basic element query support.
Per the design, it intends to parse massive HTML files in lowest price, thus the
performance is the top priority. For this reason, some malformatted HTML may not
be able to parse correctly, but most usual errors are covered (eg. HTML4 style
no closing <li>
, <td>
etc).
npm install --save node-html-parser
Faster than htmlparser2!
node-html-parser:2.02346 ms/file ± 2.21481
htmlparser :26.0810 ms/file ± 171.313
htmlparser2 :4.49111 ms/file ± 6.85512
parse5 :14.8590 ms/file ± 10.9427
high5 :7.71818 ms/file ± 4.88375
Tested with htmlparser-benchmark.
import { parse } from 'node-html-parser';
const root = parse('<ul id="list"><li>Hello World</li></ul>');
console.log(root.firstChild.structure);
// ul#list
// li
// #text
console.log(root.querySelector('#list'));
// { tagName: 'ul',
// rawAttrs: 'id="list"',
// childNodes:
// [ { tagName: 'li',
// rawAttrs: '',
// childNodes: [Object],
// classNames: [] } ],
// id: 'list',
// classNames: [] }
console.log(root.toString());
// <ul id="list"><li>Hello World</li></ul>
root.set_content('<li>Hello World</li>');
root.toString(); // <li>Hello World</li>
var HTMLParser = require('node-html-parser');
var root = HTMLParser.parse('<ul id="list"><li>Hello World</li></ul>');
Parse given data, and return root of the generated DOM.
data, data to parse
options, parse options
{
lowerCaseTagName: false, // convert tag name to lower case (hurt performance heavily)
comment: false // retrieve comments (hurt performance slightly)
blockTextElements: {
script: true, // keep text content when parsing
noscript: true, // keep text content when parsing
style: true, // keep text content when parsing
pre: true // keep text content when parsing
}
}
Trim element from right (in block) after seeing pattern in a TextNode.
Remove whitespaces in this sub tree.
Query CSS selector to find matching nodes.
Note: only tagName
, #id
, .class
selectors supported. And not behave the
same as standard querySelectorAll()
as it will stop searching sub tree after
find a match.
Query CSS Selector to find matching node.
Append a child node to childNodes
parses the specified text as HTML and inserts the resulting nodes into the DOM tree at a specified position.
Set value
to key
attribute.
Remove key
attribute.
Get key
attribute.
Exchanges given child with new child.
Remove child node.
Same as outerHTML
Set content. Notice: Do not set content of the root node.
Remove current element.
Get unescaped text value of current node and its children. Like innerText
.
(slow for the first time)
Get escpaed (as-it) text value of current node and its children. May have
&
in it. (fast)
Get structured Text
Get DOM structure
Get first child node
Get last child node
Get innerHTML.
Get outerHTML.
FAQs
A very fast HTML parser, generating a simplified DOM, with basic element query support.
The npm package node-html-parser receives a total of 1,772,287 weekly downloads. As such, node-html-parser popularity was classified as popular.
We found that node-html-parser demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.