Security News
Combatting Alert Fatigue by Prioritizing Malicious Intent
In 2023, data breaches surged 78% from zero-day and supply chain attacks, but developers are still buried under alerts that are unable to prevent these threats.
The xpath npm package is a Node.js module that allows users to query XML documents using XPath expressions. It provides a way to navigate and select nodes in an XML document tree, extract information, and manipulate the content.
Evaluating XPath expressions
This feature allows you to evaluate XPath expressions against an XML document and returns the matching nodes.
const xpath = require('xpath'),
dom = require('xmldom').DOMParser;
let doc = new dom().parseFromString('<book><title>Harry Potter</title></book>');
let nodes = xpath.select('//title', doc);
console.log(nodes[0].textContent); // Harry Potter
Registering custom namespaces
This feature enables the use of custom namespaces when evaluating XPath expressions, which is necessary when querying XML documents that include namespaces.
const select = xpath.useNamespaces({
'x': 'http://www.w3.org/1999/xhtml'
});
let nodes = select('//x:div', doc);
Using XPath functions
This feature allows the use of XPath functions within the expression to perform operations like counting nodes, string manipulation, etc.
let result = xpath.select('count(//title)', doc);
console.log(result); // 1
Cheerio is a fast, flexible, and lean implementation of core jQuery designed specifically for the server. It allows for manipulation of the DOM using a familiar jQuery-like API. Cheerio parses markup and provides an API for traversing/manipulating the resulting data structure; it does not interpret XPath but uses CSS selectors instead.
jsdom is a pure-JavaScript implementation of many web standards, notably the WHATWG DOM and HTML Standards, for use with Node.js. It is more of a complete browser environment simulator that can also execute scripts, unlike xpath which is focused solely on XPath queries.
xml2js is a simple XML to JavaScript object converter. It supports bi-directional conversion. Unlike xpath, which is used for querying XML documents, xml2js is used for parsing XML into JavaScript objects and vice versa.
An xpath module for node, written in pure javascript.
Originally written by Cameron McCormack (blog).
Prepared as a node module by Yaron Naveh (blog).
Install with npm:
npm install xpath.js
xpath.js is xml engine agnostic but I recommend to use xmldom:
npm install xmldom
var select = require('xpath.js')
, dom = require('xmldom').DOMParser
var xml = "<book><title>Harry Potter</title></book>"
var doc = new dom().parseFromString(xml)
var nodes = select(doc, "//title")
console.log(nodes[0].localName + ": " + nodes[0].firstChild.data)
console.log("node: " + nodes[0].toString())
-->
title: Harry Potter
Node: <title>Harry Potter</title>
var xml = "<book><title>Harry Potter</title></book>"
var doc = new dom().parseFromString(xml)
var title = select(doc, "//title/text()")[0].data
console.log(title)
-->
Harry Potter
var xml = "<book><title xmlns='myns'>Harry Potter</title></book>"
var doc = new dom().parseFromString(xml)
var node = select(doc, "//*[local-name(.)='title' and namespace-uri(.)='myns/']")[0]
console.log(node.namespaceURI)
-->
myns
var xml = "<book author='J. K. Rowling'><title>Harry Potter</title></book>"
var doc = new dom().parseFromString(xml)
var author = select(doc, "/book/@author")[0].value
console.log(author)
-->
J. K. Rowling
FAQs
DOM 3 XPath implemention and helper for node.js and the web
We found that xpath demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In 2023, data breaches surged 78% from zero-day and supply chain attacks, but developers are still buried under alerts that are unable to prevent these threats.
Security News
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
Security News
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.