Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
pearplayer
Advanced tools
PearPlayer(梨享播放器)[Demo] 是完全用JavaScript写的开源HTML5流媒体播放框架,实现了融合HTTP(包含HTTPS、HTTP2)、WebRTC的多协议、多源、低延迟、高带宽利用率的无插件Web端流媒体加速能力。基于H5的MSE技术(Media Source Extension)将来自多个源节点的Buffer分块喂给播放器,再加上精心设计的算法来达到最优的调度策略及对各种异常情况的处理,Pear Player能在保证用户流畅视频体验的前提下最大化P2P率。
只需将pear-player.min.js
通过<script>
标签导入到HTML就可以使用。 参考以下代码示例,也可以查看/examples/player-test.html
来了解使用方法。
参考get-started来了解基本使用方法。
<video>
标签一样简单,并容易与video.js等流行播放框架集成将以下代码拷贝到HTML5代码中,打开网页,见证奇迹的时刻到了!
<script src="https://cdn.jsdelivr.net/npm/pearplayer@2.4.0"></script>
<video id="video" controls></video>
<script>
var player = new PearPlayer('#video', { src: 'https://qq.webrtc.win/tv/Pear-Demo-Yosemite_National_Park.mp4' });
</script>
首先通过script标签导入pear-player.min.js:
<script src="./dist/pear-player.min.js"></script>
或者使用CDN:
<script src="https://cdn.jsdelivr.net/npm/pearplayer@latest"></script>
假设用video标签播放如下视频,HTML如下所示:
<video id="pearvideo" src="https://qq.webrtc.win/tv/Pear-Demo-Yosemite_National_Park.mp4" controls>
只需要如下几行代码,即可将PearPlayer绑定到video标签:
<script>
/**
* 第一个参数为video标签的id或class
* opts是可选的参数配置
*/
if (PearPlayer.isMSESupported()) {
var player = new PearPlayer('#pearvideo', opts);
}
</script>
恭喜您,您的播放器已经具备P2P能力了,而且无须任何插件!
示例中的视频是已经分发过的,那么如何为任意视频加速呢?很简单,只需在视频分发系统中添加您的视频URL,即可利用Pear的海量节点为您的视频加速!具体教程请点击这里(目前仅支持分发MP4
格式,视频的名字需要加上Pear-Demo
前缀,如Pear-Demo-movie.mp4
)
特别感谢以下项目,为本项目提供了部分灵感来源以及API设计参考:
MIT. Copyright (c) Pear Limited and snowinszu.
E-mail: service@pear.hk;用户QQ群:373594967
;CP/CDN接入、OEM与其他商务合作
FAQs
PearPlayer.js
The npm package pearplayer receives a total of 48 weekly downloads. As such, pearplayer popularity was classified as not popular.
We found that pearplayer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.