Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

snabbdom-iframe-domapi

Package Overview
Dependencies
Maintainers
1
Versions
6
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

snabbdom-iframe-domapi

DOM API for Snabbdom with iframe support.

  • 0.3.2
  • latest
  • Source
  • npm
  • Socket score
Version published
Maintainers
1
Created
Source

snabbdom-iframe-domapi Build Status

Snabbdom allows you to provide alternative DOM implementations. This project provides a standard HTML DOM API along with iframe support, so that you can simply patch content inside of <iframe> elements. This allows one to do something like:

var vnode0 = document.createElement('iframe');
document.body.appendChild(vnode0);
var vnode1 = h('iframe', [
    h('ul', [
        h('li', 'Thing 1'),
        h('li', 'Thing 2')
    ]),
    h('span', 'Another thing.')
]);
patch(vnode0, vnode1);
patch(vnode1, h('iframe', [
    h('ul', [
        h('li', 'Thing 0'),
        h('li', 'Thing 1'),
        h('li', 'Thing 2')
    ])
]));

And the childNodes will be added/removed from the contentDocument.body of the iframe when the iframe is fully ready/loaded.

Usage

Default

The default implementation simply uses the current window's document to create elements. This implementation is accessible as the default export.

import domApi from 'snabbdom-iframe-domapi';
import snabbdom from 'snabbdom';
import snabbdomClass from 'snabbdom/modules/class';
import snabbdomProps from 'snabbdom/modules/props';
import snabbdomEventListeners from 'snabbdom/modules/eventlisteners';

let patch = snabbdom.init([
    snabbdomClass,
    snabbdomProps,
    snabbdomEventListeners
], domApi);

Options

  • clean

    You can specify a clean option to the createApi function. This will cause the implementation to create a new, clean Document (untouched by any changes to window globals), and it will use this "clean" document to create elements.

  • trustedTypesPolicy

    You can pass a TrustedTypePolicy to the createApi function via the trustedTypesPolicy option. When the clean option is true, this will cause the "clean" document to use that passed policy as the default policy when setting any "injection sinks." See the Trusted Types documentation for more details.

To set options simply pass a hash of option values to the createApi function:

import { createApi } from 'snabbdom-iframe-domapi';
import snabbdom from 'snabbdom';
import snabbdomClass from 'snabbdom/modules/class';
import snabbdomProps from 'snabbdom/modules/props';
import snabbdomEventListeners from 'snabbdom/modules/eventlisteners';

const policy = window.trustedTypes.defaultPolicy;
const domApi = createApi({ clean: true, trustedTypesPolicy: policy });

const patch = snabbdom.init([
    snabbdomClass,
    snabbdomProps,
    snabbdomEventListeners
], domApi);

FAQs

Package last updated on 20 Apr 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries

Research

Security News

Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries

Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.

By Kirill Boychenko  -  Nov 22, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc