Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
posthtml-parser
Advanced tools
The posthtml-parser npm package is a tool used to parse HTML into an Abstract Syntax Tree (AST). This allows developers to manipulate HTML content programmatically, making it easier to perform tasks such as transforming HTML structures, extracting specific elements, and integrating with other tools in the PostHTML ecosystem.
Parsing HTML to AST
This feature allows you to parse a string of HTML into an Abstract Syntax Tree (AST). The AST can then be manipulated programmatically.
const parse = require('posthtml-parser');
const html = '<div class="example">Hello World</div>';
const ast = parse(html);
console.log(ast);
Handling HTML fragments
This feature allows you to parse HTML fragments and control parsing options such as whether to convert tag names to lowercase.
const parse = require('posthtml-parser');
const fragment = '<span>Fragment</span>';
const ast = parse(fragment, { lowerCaseTags: false });
console.log(ast);
Integration with PostHTML plugins
This feature demonstrates how to integrate the parser with PostHTML plugins to transform HTML content. In this example, a plugin is used to change all <div> tags to <section> tags.
const posthtml = require('posthtml');
const parse = require('posthtml-parser');
const html = '<div class="example">Hello World</div>';
posthtml()
.use(tree => {
tree.match({ tag: 'div' }, node => {
node.tag = 'section';
return node;
});
})
.process(html)
.then(result => console.log(result.html));
htmlparser2 is a fast and forgiving HTML/XML parser. It is similar to posthtml-parser in that it parses HTML into a tree structure, but it is more focused on speed and flexibility. It also supports streaming and can handle large documents efficiently.
parse5 is a highly compliant HTML parser that closely follows the WHATWG HTML specification. It is similar to posthtml-parser in its ability to parse HTML into an AST, but it is known for its strict adherence to web standards and comprehensive support for HTML5 features.
cheerio is a fast, flexible, and lean implementation of core jQuery designed specifically for the server. It parses HTML and XML into a DOM-like structure, allowing for jQuery-like manipulation of the document. While it offers similar parsing capabilities, it is more focused on providing a familiar API for DOM manipulation.
Parse HTML/XML to PostHTML AST. More about PostHTML
NPM install
$ npm install posthtml-parser
<a class="animals" href="#">
<span class="animals__cat" style="background: url(cat.png)">Cat</span>
</a>
const parser = require('posthtml-parser')
const fs = require('fs')
const html = fs.readFileSync('path/to/input.html').toString()
console.log(parser(html)) // Logs a PostHTML AST
<a class="animals" href="#">
<span class="animals__cat" style="background: url(cat.png)">Cat</span>
</a>
[{
tag: 'a',
attrs: {
class: 'animals',
href: '#'
},
content: [
'\n ',
{
tag: 'span',
attrs: {
class: 'animals__cat',
style: 'background: url(cat.png)'
},
content: ['Cat']
},
'\n'
]
}]
Any parser being used with PostHTML should return a standard PostHTML Abstract Syntax Tree (AST). Fortunately, this is a very easy format to produce and understand. The AST is an array that can contain strings and objects. Any strings represent plain text content to be written to the output. Any objects represent HTML tags.
Tag objects generally look something like this:
{
tag: 'div',
attrs: {
class: 'foo'
},
content: ['hello world!']
}
Tag objects can contain three keys. The tag
key takes the name of the tag as the value. This can include custom tags. The optional attrs
key takes an object with key/value pairs representing the attributes of the html tag. A boolean attribute has an empty string as its value. Finally, the optional content
key takes an array as its value, which is a PostHTML AST. In this manner, the AST is a tree that should be walked recursively.
directives
Type: Array
Default: [{name: '!doctype', start: '<', end: '>'}]
Description: Adds processing of custom directives. Note: The property name
in custom directives can be String
or RegExp
type
xmlMode
Type: Boolean
Default: false
Description: Indicates whether special tags (<script>
and <style>
) should get special treatment and if "empty" tags (eg. <br>
) can have children. If false, the content of special tags will be text only. For feeds and other XML content (documents that don't consist of HTML), set this to true.
decodeEntities
Type: Boolean
Default: false
Description: If set to true, entities within the document will be decoded.
lowerCaseTags
Type: Boolean
Default: false
Description: If set to true, all tags will be lowercased. If xmlMode
is disabled.
lowerCaseAttributeNames
Type: Boolean
Default: false
Description: If set to true, all attribute names will be lowercased. This has noticeable impact on speed.
recognizeCDATA
Type: Boolean
Default: false
Description: If set to true, CDATA sections will be recognized as text even if the xmlMode
option is not enabled. NOTE: If xmlMode
is set to true
then CDATA sections will always be recognized as text.
recognizeSelfClosing
Type: Boolean
Default: false
Description: If set to true, self-closing tags will trigger the onclosetag
event even if xmlMode
is not set to true
. NOTE: If xmlMode
is set to true
then self-closing tags will always be recognized.
FAQs
Parse HTML/XML to PostHTMLTree
The npm package posthtml-parser receives a total of 0 weekly downloads. As such, posthtml-parser popularity was classified as not popular.
We found that posthtml-parser demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.