Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
zxing-library2
Advanced tools
TypeScript port of ZXing multi-format 1D/2D barcode image processing library with inverse barcode support
If it doesn't, we gonna make it.
ZXing ("zebra crossing") is an open-source, multi-format 1D/2D barcode image processing library implemented in Java, with ports to other languages.
See Projects and Milestones for what is currently done and what's planned next. 👀
1D product | 1D industrial | 2D |
---|---|---|
Code 39 | QR Code | |
Data Matrix | ||
EAN-8 | Code 128 | |
EAN-13 | PDF 417 | |
ITF | ||
RSS-14 | ||
* In progress, may have open PR.
See Live Preview in browser.
Note: All the examples are using ES6, be sure is supported in your browser or modify as needed, Chrome recommended.
npm i @zxing/library --save
or
yarn add @zxing/library
<script type="module">
import { BrowserQRCodeReader } from '@zxing/library';
const codeReader = new BrowserQRCodeReader();
const img = document.getElementById('img');
try {
const result = await codeReader.decodeFromImage(img);
} catch (err) {
console.error(err);
}
console.log(result);
</script>
<script type="module">
import('@zxing/library').then({ BrowserQRCodeReader } => {
const codeReader = new BrowserQRCodeReader();
const img = document.getElementById('img');
try {
const result = await codeReader.decodeFromImage(img);
} catch (err) {
console.error(err);
}
console.log(result);
});
</script>
<script type="text/javascript" src="https://unpkg.com/requirejs"></script>
<script type="text/javascript">
require(['@zxing/library'], ZXing => {
const codeReader = new ZXing.BrowserQRCodeReader();
const img = document.getElementById('img');
try {
const result = await codeReader.decodeFromImage(img);
} catch (err) {
console.error(err);
}
console.log(result);
});
</script>
<script type="text/javascript" src="https://unpkg.com/@zxing/library@latest"></script>
<script type="text/javascript">
window.addEventListener('load', () => {
const codeReader = new ZXing.BrowserQRCodeReader();
const img = document.getElementById('img');
try {
const result = await codeReader.decodeFromImage(img);
} catch (err) {
console.error(err);
}
console.log(result);
});
</script>
const { MultiFormatReader, BarcodeFormat } = require('@zxing/library/esm5'); // use this path since v0.5.1
const hints = new Map();
const formats = [BarcodeFormat.QR_CODE, BarcodeFormat.DATA_MATRIX/*, ...*/];
hints.set(DecodeHintType.POSSIBLE_FORMATS, formats);
const reader = new MultiFormatReader();
reader.setHints(hints);
const luminanceSource = new RGBLuminanceSource(imgByteArray, imgWidth, imgHeight);
const binaryBitmap = new BinaryBitmap(new HybridBinarizer(luminanceSource));
reader.decode(binaryBitmap);
The browser layer is using the MediaDevices web API which is not supported by older browsers.
You can use external polyfills like WebRTC adapter to increase browser compatibility.
Also, note that the library is using the TypedArray
(Int32Array
, Uint8ClampedArray
, etc.) which are not available in older browsers (e.g. Android 4 default browser).
You can use core-js to add support to these browsers.
In the PDF 417 decoder recent addition, the library now makes use of the new BigInt
type, which is not supported by all browsers as well. There's no way to polyfill that and ponyfill libraries are way to big, but even if PDF 417 decoding relies on BigInt
the rest of the library shall work ok in browsers that doesn't support it.
There's no polyfills for BigInt
in the way it's coded in here.
To display the input from the video camera you will need to add a video element in the HTML page:
<video
id="video"
width="300"
height="200"
style="border: 1px solid gray"
></video>
To start decoding, first obtain a list of video input devices with:
const codeReader = new ZXing.BrowserQRCodeReader();
codeReader
.listVideoInputDevices()
.then(videoInputDevices => {
videoInputDevices.forEach(device =>
console.log(`${device.label}, ${device.deviceId}`)
);
})
.catch(err => console.error(err));
If there is just one input device you can use the first deviceId
and the video element id (in the example below is also 'video') to decode:
const firstDeviceId = videoInputDevices[0].deviceId;
codeReader
.decodeOnceFromVideoDevice(firstDeviceId, 'video')
.then(result => console.log(result.text))
.catch(err => console.error(err));
If there are more input devices then you will need to chose one for codeReader.decodeOnceFromVideoDevice
device id parameter.
You can also provide undefined
for the device id parameter in which case the library will automatically choose the camera, preferring the main (environment facing) camera if more are available:
codeReader
.decodeOnceFromVideoDevice(undefined, 'video')
.then(result => console.log(result.text))
.catch(err => console.error(err));
Similar as above you can use a video element in the HTML page:
<video
id="video"
width="300"
height="200"
style="border: 1px solid gray"
></video>
And to decode the video from an url:
const codeReader = new ZXing.BrowserQRCodeReader();
const videoSrc = 'your url to a video';
codeReader
.decodeFromVideo('video', videoSrc)
.then(result => console.log(result.text))
.catch(err => console.error(err));
You can also decode the video url without showing it in the page, in this case no video
element is needed in HTML.
codeReader
.decodeFromVideoUrl(videoUrl)
.then(result => console.log(result.text))
.catch(err => console.error(err));
// or alternatively
codeReader
.decodeFromVideo(null, videoUrl)
.then(result => console.log(result.text))
.catch(err => console.error(err));
Similar as above you can use a img element in the HTML page (with src attribute set):
<img
id="img"
src="qrcode-image.png"
width="200"
height="300"
style="border: 1px solid gray"
/>
And to decode the image:
const codeReader = new ZXing.BrowserQRCodeReader();
const img = document.getElementById('img');
codeReader
.decodeFromImage(img)
.then(result => console.log(result.text))
.catch(err => console.error(err));
You can also decode the image url without showing it in the page, in this case no img
element is needed in HTML:
const imgSrc = 'url to image';
codeReader
.decodeFromImage(undefined, imgSrc)
.then(result => console.log(result.text))
.catch(err => console.error(err));
Or decode the image url directly from an url, with an img
element in page (notice no src
attribute is set for img
element):
<img
id="img-to-decode"
width="200"
height="300"
style="border: 1px solid gray"
/>
const imgSrc = 'url to image';
const imgDomId = 'img-to-decode';
codeReader
.decodeFromImage(imgDomId, imgSrc)
.then(result => console.log(result.text))
.catch(err => console.error(err));
To generate a QR Code SVG image include 'zxing.qrcodewriter.min.js' from build/vanillajs
. You will need to include an element where the SVG element will be appended:
<div id="result"></div>
And then:
const codeWriter = new ZXing.BrowserQRCodeSvgWriter();
// you can get a SVG element.
const svgElement = codeWriter.write(input, 300, 300);
// or render it directly to DOM.
codeWriter.writeToDom('#result', input, 300, 300);
See Contributing Guide for information regarding porting approach and reasoning behind some of the approaches taken.
Special thanks to all the contributors who have contributed for this project. We heartly thankful to you all.
And a special thanks to @aleris who created the project itself and made available the initial QR code port.
FAQs
TypeScript port of ZXing multi-format 1D/2D barcode image processing library with inverse barcode support
The npm package zxing-library2 receives a total of 2 weekly downloads. As such, zxing-library2 popularity was classified as not popular.
We found that zxing-library2 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.