
Security News
Node.js Moves Toward Stable TypeScript Support with Amaro 1.0
Amaro 1.0 lays the groundwork for stable TypeScript support in Node.js, bringing official .ts loading closer to reality.
snabbdom-iframe-domapi
Advanced tools
Snabbdom allows you to provide alternative DOM implementations. This project provides a standard HTML DOM API along with iframe support, so that you can simply patch content inside of <iframe>
elements. This allows one to do something like:
var vnode0 = document.createElement('iframe');
document.body.appendChild(vnode0);
var vnode1 = h('iframe', [
h('ul', [
h('li', 'Thing 1'),
h('li', 'Thing 2')
]),
h('span', 'Another thing.')
]);
patch(vnode0, vnode1);
patch(vnode1, h('iframe', [
h('ul', [
h('li', 'Thing 0'),
h('li', 'Thing 1'),
h('li', 'Thing 2')
])
]));
And the childNodes will be added/removed from the contentDocument.body
of the iframe when the iframe is fully ready/loaded.
The default implementation simply uses the current window's document
to create elements. This implementation is accessible as the default export.
import domApi from 'snabbdom-iframe-domapi';
import snabbdom from 'snabbdom';
import snabbdomClass from 'snabbdom/modules/class';
import snabbdomProps from 'snabbdom/modules/props';
import snabbdomEventListeners from 'snabbdom/modules/eventlisteners';
let patch = snabbdom.init([
snabbdomClass,
snabbdomProps,
snabbdomEventListeners
], domApi);
clean
You can specify a clean
option to the createApi
function. This will cause the implementation to create a new, clean Document (untouched by any changes to window globals), and it will use this "clean" document to create elements.
trustedTypesPolicy
You can pass a TrustedTypePolicy
to the createApi
function via the trustedTypesPolicy
option. When the clean
option is true, this will cause the "clean" document to use that passed policy as the default policy when setting any "injection sinks." See the Trusted Types documentation for more details.
To set options simply pass a hash of option values to the createApi
function:
import { createApi } from 'snabbdom-iframe-domapi';
import snabbdom from 'snabbdom';
import snabbdomClass from 'snabbdom/modules/class';
import snabbdomProps from 'snabbdom/modules/props';
import snabbdomEventListeners from 'snabbdom/modules/eventlisteners';
const policy = window.trustedTypes.defaultPolicy;
const domApi = createApi({ clean: true, trustedTypesPolicy: policy });
const patch = snabbdom.init([
snabbdomClass,
snabbdomProps,
snabbdomEventListeners
], domApi);
FAQs
DOM API for Snabbdom with iframe support.
The npm package snabbdom-iframe-domapi receives a total of 143 weekly downloads. As such, snabbdom-iframe-domapi popularity was classified as not popular.
We found that snabbdom-iframe-domapi demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Amaro 1.0 lays the groundwork for stable TypeScript support in Node.js, bringing official .ts loading closer to reality.
Research
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
Product
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.