Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Simple wrapper on the SAX.js parser to stream xml into JavaScript objects.
Converts xml elements into JavaScript objects.
npm install xml2object --save
var xml2object = require('xml2object');
// Create a new xml parser with an array of xml elements to look for
var parser = new xml2object([ 'animal' ], 'myAnimals.xml');
// Bind to the object event to work with the objects found in the XML file
parser.on('object', function(name, obj) {
console.log('Found an object: %s', name);
console.log(obj);
});
// Bind to the file end event to tell when the file is done being streamed
parser.on('end', function() {
console.log('Finished parsing xml!');
});
// Start parsing the XML
parser.start();
var xml2object = require('xml2object');
var source = fs.createReadStream('/path/to/file.xml');
// Create a new xml parser with an array of xml elements to look for
var parser = new xml2object([ 'animal' ], source);
// Bind to the object event to work with the objects found in the XML file
parser.on('object', function(name, obj) {
console.log('Found an object: %s', name);
console.log(obj);
});
// Bind to the file end event to tell when the file is done being streamed
parser.on('end', function() {
console.log('Finished parsing xml!');
});
// Start parsing the input stream
parser.start();
Note: The following example uses the request
package to simplify the http request.
var xml2object = require('xml2object');
var request = require('request');
// Create a new xml parser with an array of xml elements to look for
var parser = new xml2object([ 'animal' ]);
// Bind to the object event to work with the objects found in the XML file
parser.on('object', function(name, obj) {
console.log('Found an object: %s', name);
console.log(obj);
});
// Bind to the file end event to tell when the file is done being streamed
parser.on('end', function() {
console.log('Finished parsing xml!');
});
// Pipe a request into the parser
request.get('http://www.example.com/test.xml').pipe(parser.saxStream);
var xml2object = require('xml2object');
// Create a new xml parser with an array of xml elements to look for
// but this time we have lower-level requirements
var parser = new xml2object([ 'Envelope' ], undefined, { xmlns:true });
// everything else the same
Constructor for creating an instance of the xml parser.
The source argument is can be a path to an xml file or an input stream.
If no source is specified you can set a readable Stream to .source
or pipe a Stream into the .saxStream
.
var xml2object = require('xml2object');
// Parse the myAnimals.xml file looking for <animal> elements
var parser = new xml2object([ 'animal' ], 'myAnimals.xml');
saxOptions
is passed directly to the SAX parser. Options supported in node-xml2object are
The input Stream used as a source for parsing. Can be set to a xml file path or a readable stream.
var parser = new xml2object([ 'animal' ]);
parser.source = 'myAnimals.xml';
The underlying sax Stream. Data can be piped directly to the sax Stream using the pipe()
.
Triggers the xml file to start streaming to the parser. Call this method after you have bound to the events.
// Start parsing the XML
parser.start();
function(name, obj) { ... }
Triggered when an object has been parsed from the XML file with the name of the element found and the actual object.
function() { ... }
Marks the end of the input file when it has been completely streamed through the parser.
function() { ... }
Marks the start of reading from the source. This event will not fire if using the .saxParser.pipe()
method.
Elements being parsed cannot currently be nested. For example. if you have root > bikes > bike > wheel
as a heirarchy and have done a xml2object('transportation.xml', [ 'bike', 'wheel' ])
the bike objects will be returned, but the wheel elements inside the bike element will not be parsed separately.
FAQs
Simple XML to JavaScript Object Converter
The npm package xml2object receives a total of 29 weekly downloads. As such, xml2object popularity was classified as not popular.
We found that xml2object demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.