Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
react-image-lightbox
Advanced tools
A flexible lightbox component for displaying images in a React project.
Features
var React = require('react');
var Lightbox = require('react-image-lightbox');
var images = [
'//placekitten.com/1500/500',
'//placekitten.com/4000/3000',
'//placekitten.com/800/1200',
'//placekitten.com/1500/1500'
];
module.exports = React.createClass({
getInitialState: function() {
return {
index: 0,
isOpen: false
};
},
openLightbox: function() {
this.setState({ isOpen: true });
},
closeLightbox: function() {
this.setState({ isOpen: false });
},
moveNext: function() {
this.setState({ index: (this.state.index + 1) % images.length });
},
movePrev: function() {
this.setState({ index: (this.state.index + images.length - 1) % images.length });
},
render: function() {
var lightbox = '';
if (this.state.isOpen) {
lightbox = (
<Lightbox
mainSrc={images[this.state.index]}
nextSrc={images[(this.state.index + 1) % images.length]}
prevSrc={images[(this.state.index + images.length - 1) % images.length]}
onCloseRequest={this.closeLightbox}
onMovePrevRequest={this.movePrev}
onMoveNextRequest={this.moveNext}
/>
);
}
return (
<div>
<button type="button" onClick={this.openLightbox}>Open Lightbox</button>
{lightbox}
</div>
);
}
});
Property | Type | Default | Required | Description |
---|---|---|---|---|
mainSrc | string | yes | Main display image url | |
prevSrc | string | Previous display image url (displayed to the left). If left undefined, movePrev actions will not be performed, and the button not displayed | ||
nextSrc | string | Next display image url (displayed to the right). If left undefined, moveNext actions will not be performed, and the button not displayed | ||
mainSrcThumbnail | string | Thumbnail image url corresponding to props.mainSrc | ||
prevSrcThumbnail | string | Thumbnail image url corresponding to props.prevSrc | ||
nextSrcThumbnail | string | Thumbnail image url corresponding to props.nextSrc | ||
onCloseRequest | func | yes | Close window event. Should change the parent state such that the lightbox is not rendered | |
onMovePrevRequest | func | empty function | Move to previous image event. Should change the parent state such that props.prevSrc becomes props.mainSrc, props.mainSrc becomes props.nextSrc, etc. | |
onMoveNextRequest | func | empty function | Move to next image event. Should change the parent state such that props.nextSrc becomes props.mainSrc, props.mainSrc becomes props.prevSrc, etc. | |
discourageDownloads | bool | false | Enable download discouragement (prevents [right-click -> Save Image As...]) | |
animationDisabled | bool | false | Disable all animation | |
animationOnKeyInput | bool | false | Disable animation on actions performed with keyboard shortcuts | |
animationDuration | number | 300 | Animation duration (ms) | |
keyRepeatLimit | number | 180 | Required interval of time (ms) between key actions (prevents excessively fast navigation of images) | |
keyRepeatKeyupBonus | number | 40 | Amount of time (ms) restored after each keyup (makes rapid key presses slightly faster than holding down the key to navigate images) | |
imageTitle | string | Image title | ||
toolbarButtons | node[] | Array of custom toolbar buttons | ||
imagePadding | number | 10 | Padding (px) between the edge of the window and the lightbox |
FAQs
A lightbox component for React.js
The npm package react-image-lightbox receives a total of 86,958 weekly downloads. As such, react-image-lightbox popularity was classified as popular.
We found that react-image-lightbox demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.