Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
parse-srcset
Advanced tools
The parse-srcset npm package is a utility for parsing the 'srcset' attribute of HTML <img> elements. It helps in breaking down the 'srcset' attribute into its individual components, making it easier to work with responsive images in web development.
Parsing srcset attribute
This feature allows you to parse a 'srcset' attribute string into an array of objects, each representing an image candidate with its URL and descriptor.
const parseSrcset = require('parse-srcset');
const srcset = 'image1.jpg 1x, image2.jpg 2x';
const parsed = parseSrcset(srcset);
console.log(parsed);
Handling different descriptors
This feature supports parsing different types of descriptors such as width descriptors (e.g., '100w') and pixel density descriptors (e.g., '2x').
const parseSrcset = require('parse-srcset');
const srcset = 'image1.jpg 1x, image2.jpg 2x, image3.jpg 100w';
const parsed = parseSrcset(srcset);
console.log(parsed);
The 'srcset' package provides similar functionality for parsing and stringifying 'srcset' attributes. It offers a more comprehensive API for both parsing and generating 'srcset' strings, making it a versatile alternative to parse-srcset.
A javascript parser for the HTML5 srcset attribute, based on the WHATWG reference algorithm. It has an extensive test suite based on the W3C srcset conformance checker. It conforms to the jQuery JSCS style rules.
Tests are written using Intern-geezer for compatibility.
To run the tests in console:
$ npm test
Or in a browser, just open the html file at:
node_modules/intern-geezer/client.html?config=tests/intern
I’m on twitter @tweetywheaty.
FAQs
A spec-conformant JavaScript parser for the HTML5 srcset attribute
We found that parse-srcset demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.