Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
scroll-behavior-polyfill
Advanced tools
A polyfill for the 'scroll-behavior' CSS-property
The scroll-behavior
CSS-property as well as the extensions to the Element interface in the CSSOM View Module CSS property sets the behavior for a scrolling box when scrolling is triggered by the navigation or CSSOM scrolling APIs.
This polyfill brings this new feature to all browsers.
It is very efficient, tiny, and works with the latest browser technologies such as Shadow DOM.
This polyfill also implements the extensions to the Element interface in the CSSOM View Module such as Element.prototype.scroll
, Element.prototype.scrollTo
, Element.protype.scrollBy
, and Element.prototype.scrollIntoView
.
$ npm install scroll-behavior-polyfill
$ yarn add scroll-behavior-polyfill
The polyfill will be feature detected and applied if and only if the browser doesn't support the property already. To include it, add this somewhere:
import "scroll-behavior-polyfill";
However, it is strongly suggested that you only include the polyfill for browsers that doesn't already support scroll-behavior
.
One way to do so is with an async import:
if (!("scrollBehavior" in document.documentElement.style)) {
await import("scroll-behavior-polyfill");
}
Alternatively, you can use Polyfill.app which uses this polyfill and takes care of only loading the polyfill if needed as well as adding the language features that the polyfill depends on (See dependencies).
You can define the scroll-behavior
of Elements via one of the following approaches:
scroll-behavior
property.scroll-behavior
attribute.CSSStyleDeclaration
with a scrollBehavior
property.This means that either of the following approaches will work:
<!-- Works just fine when given in the 'style' attribute -->
<div style="scroll-behavior: smooth"></div>
<!-- Works just fine when given as an attribute of the name 'scroll-behavior' -->
<div scroll-behavior="smooth"></div>
<script>
// Works jut fine when given as a style property
element.style.scrollBehavior = "smooth";
</script>
See this section for information about why scroll-behavior
values provided in stylesheets won't be discovered by the polyfill.
You can of course also use the imperative scroll()
, scrollTo
, scrollBy
, and scrollIntoView
APIs and provide scroll-behavior
options.
For example:
// Works for the window object
window.scroll({
behavior: "smooth",
top: 100,
left: 0
});
// Works for any element (and supports all options)
myElement.scrollIntoView();
myElement.scrollBy({
behavior: "smooth",
top: 50,
left: 0
});
You can also use the scrollTop
and scrollLeft
setters, both of which works with the polyfill too:
element.scrollTop += 100;
element.scrollLeft += 50;
This polyfill is distributed in ES3-compatible syntax, but is using some modern APIs and language features which must be available:
requestAnimationFrame
Object.getOwnPropertyDescriptor
Object.defineProperty
For by far the most browsers, these features will already be natively available. Generally, I would highly recommend using something like Polyfill.app which takes care of this stuff automatically.
Do you want to contribute? Awesome! Please follow these recommendations.
Frederik Wessberg Twitter: @FredWessberg Lead Developer |
Become a backer and get your name, avatar, and Twitter handle listed here.
scroll-behavior
properties declared only in stylesheets won't be discovered. This is because polyfilling CSS is hard and really bad for performance.MIT © Frederik Wessberg (@FredWessberg) (Website)
FAQs
A polyfill for the 'scroll-behavior' CSS-property
The npm package scroll-behavior-polyfill receives a total of 37,765 weekly downloads. As such, scroll-behavior-polyfill popularity was classified as popular.
We found that scroll-behavior-polyfill demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.