Research
npm Malware Targets Telegram Bot Developers with Persistent SSH Backdoors
Malicious npm packages posing as Telegram bot libraries install SSH backdoors and exfiltrate data from Linux developer machines.
By Kush Pandya - Apr 18, 2025
You're Invited: Meet the Socket team at BSidesSF and RSAC - April 27 - May 1.RSVP →
objectFitPolyfill
Advanced tools
objectFitPolyfill
A Javascript polyfill for browsers that don't support the object-fit CSS property
object-fit-polyfill
A polyfill for browsers that don't support the object-fit CSS property. Unsure of what the object-fit does? Essentially object-fit is to <img> tags what background-size is to background-image. You can check out the MDN page for more details.
Features
- Lightweight - 3KB (2KB with the basic version)
- Vanilla Javascript - works with or without jQuery
- Supports IE 9+, iOS 7-, and Android 4.4-
- Supports
object-position - Works with
img,picture,srcset,video, andcanvas - Plug and play - just include the .js file and set data attributes on your elements.
- Please note: This plugin makes the assumption that the parent container is acting as a picture frame, and already has a height & width set.
Demo
You can check out the bare-bones demo here. Note that the plugin simply won't do anything if you're on a browser that already supports object-fit, so you'll want to test it on IE or older iOS/Android browsers.
How does it work?
Unlike object-fit-images or Primož Cigler's method (both excellent alternatives if you'd rather not use this one), this polyfill does not set a background image on the parent container, but instead resizes and repositions the image (using inline CSS for height, width, absolute positioning, and negative margins).
The polyfilled item will receive the class object-fit-polyfill if styling issues occur that require overrides.
Why bother?
If you're wondering: why bother using <img> tags versus background-image? Here's a couple reasons:
<img>tags have better SEO/crawling visibility.- In cases where images are dynamically returned and can't simply be added to your stylesheets (e.g., CMS's), you're forced to inline your background-image. This solves that somewhat-ugly-looking inline CSS.
background-imagedoesn't work withpicture,video, orcanvaselements.
Of course, there's still plenty of cases where using a background image makes more sense than a regular image.
Usage
Initialization:
<!-- Minimum CSS -->
<style>
.container {
width: 25em; /* Or whatever you want it to be */
height: 25em; /* Or whatever you want it to be */
}
.media {
width: 100%;
height: 100%;
object-fit: cover; /* Or whatever object-fit you want */
}
</style>
<!-- Minimum HTML -->
<div class="container">
<img
alt=""
src="https://unsplash.it/800/600/"
class="media"
data-object-fit="cover"
/>
</div>
<script src="dist/objectFitPolyfill.min.js"></script>
Customized object-fit/object-position:
<div class="container">
<img
alt=""
src="https://unsplash.it/800/600/"
class="media"
data-object-fit="contain"
data-object-position="top left"
/>
</div>
<div class="container">
<img
alt=""
src="https://unsplash.it/800/600/"
class="media"
data-object-fit="none"
data-object-position="25% 75%"
/>
</div>
<div class="container">
<img
alt=""
src="https://unsplash.it/800/600/"
class="media"
data-object-fit="scale-down"
data-object-position="3em -1em"
/>
</div>
If you're only interested in using the basic polyfill (which assumes object-fit: cover and object-position: 50% 50%), you can save yourself some bytes by using:
<div class="container">
<img
alt=""
src="https://unsplash.it/800/600/"
class="media"
data-object-fit
/>
</div>
<script src="dist/objectFitPolyfill.basic.min.js"></script>
Installation via package managers
Alternatively, if you prefer not to manually add Javascript files to your sites, you can use bower and npm like so:
bower install objectFitPolyfill
npm install objectFitPolyfill
Advanced usage
If you need to dynamically call the polyfill on the fly for any reason (for example, carousels or lazy-loaded images), you can do so quite easily:
// Rerun the polyfill on all elements with the data attribute
objectFitPolyfill();
// Rerun the polyfill on a single DOM node
var element = document.querySelector('.foo');
objectFitPolyfill(element);
// Rerun the polyfill on multiple elements
var elements = document.querySelectorAll('.bar');
objectFitPolyfill(elements);
// Rerun the polyfill with a jQuery selector
objectFitPolyfill($('.baz'));
Requests?
If you'd like to make feature requests such as IE 8- or adding object-position support for Safari, feel free to open an issue or pull request! It's doable and on my radar, but I probably won't get to it without some prodding.
Keywords
FAQs
A Javascript polyfill for browsers that don't support the object-fit CSS property
We found that objectFitPolyfill demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 27 Jun 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Python Tools Are Quickly Adopting the New pylock.toml Standard
pip, PDM, pip-audit, and the packaging library are already adding support for Python’s new lock file format.
By Sarah Gooding - Apr 18, 2025
Product
Go Support Is Now Generally Available
Socket's Go support is now generally available, bringing automatic scanning and deep code analysis to all users with Go projects.
By Peter van der Zee, Ryan Eberhardt - Apr 17, 2025