npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@sxwjs/sxwjs

v4.0.0

Published

A Javascript library to warn your users aginst Self XSS attacks

Downloads

73

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

kolappannathankolappannathan

Keywords

sxwjssxw jsself-xssself xss warningbrowsersecurityxss attacksxss console warning

Readme

SXW.js

Website GitHub License GitHub issues Contributors

About

SXW.js is a javascript library that is used to display console warnings against Self XSS attacks.

Status: Build Status

Download via

npm Nuget GitHub release

Usage

Using npm

  1. Install the npm package using
    npm i @sxwjs/sxwjs
  2. Import sxwjs module
  3. Call the required function inside sxwjs module
    import sxwjs from '@sxwjs/sxwjs';
...
...
sxwjs.printWarning();

Using js file directly

  1. Include the sxw.js file in your website.
  2. The script will register built-in functions into window.sxwjs object.
  3. At the end of the HTML document call the printWarning function in window.sxwjs as shown in the sample code.
    <script>
    window.sxwjs.printWarning();
</script>

Using nuget

  1. Install the nuget package
  2. Include the sxw.js file from the content folder into your website.
  3. At the end of the HTML document call the printWarning function in window.sxwjs similar to the one mentioned above.

Customizations

Sections

The warning displayed in console contains three sections.

  1. A huge STOP sign
  2. A caution text in bold
  3. A detailed message saying that this section is intented for developers only. It also warns aginst copy pasting content in the console.
Configuration

SXW.js has a config object with the following variables,

Variable name | Default value | Description ------------ | ------------- | --------- stopColor | red | the colour of the stop sign stopFontWeight | bold | Font weight for stop sign cautionFontWeight | bold | Font weight for caution sign cautionFontSize | 15px | Font size for caution sign

Example js object:

var config = {
        stopColor: "red",
        stopFontWeight: "bold",
        cautionFontWeight: "bold",
        cautionFontSize: "15px",
    };
Content

SXW.js has a predefined object with the following variables for defining the content to be displayed,

Variable name | Default value | Description ------------ | ------------- | --------- stopText | * based stop sign text | The text used to print STOP sign cautionText | Caution: DO NOT PROCEED. | Text for caution notice warningText | This section is intended for developers only. Don't copy paste anything in this area.\nIf someone told you to copy and paste something here, it is a scam and will give them access to your account. In that case, kindly report this to our support team. | The content of the detailed error message

var content = {
        en: {
            stopText: "*********  *********  *********  *********\n***           ***     ***   ***  ***   ***\n***           ***     ***   ***  ***   ***\n*********     ***     ***   ***  *********\n      ***     ***     ***   ***  ***\n      ***     ***     ***   ***  ***\n*********     ***     *********  ***",
            cautionText: "Caution: DO NOT PROCEED.",
            warningText: "This section is intended for developers only. Don't copy paste anything in this area.\nIf someone told you to copy and paste something here, it is a scam and will give them access to your account. In that case, kindly report this to our support team."
        }
    };

You can define content in multiple languages as shown here. Just pass the appropriate language code to the printing function.

Functions

There are three functions in the library that will be available into the window.sxwjs object.

  1. printStop - Prints just the huge stop sign.
  2. printCautionNotice - Prints the caution notice.
  3. printWarningText - Prints the the detailed error message.
  4. printWarning - Prints all the three sections.
  5. setConfig - Assigns the provided configuration.
  6. getConfig - Retrives the configuration.
  7. setContent - Can be used to modifiy the content such as warningText, cautionNotice, etc...
  8. getContent - Retrives the content that will be displayed on the console.

None of these functions are called by default. You can choose to call them as you wish.

Example Usage:

window.sxwjs.setConfig(myConfig);
window.sxwjs.printWarning('en');
window.sxwjs.printStop('en');
window.sxwjs.printCautionNotice('en');

Credits & Thanks

Contributors

This project follows the all-contributors specification. Contributions of any kind welcome!

Services & Tools used

  1. Github - Provides free hosting for repos and website.
  2. js.org - Provides subdomain for our website.
  3. Shields.io - Provides those beatutiful status icons.
  4. Azure Devops - Free CI/CD for open source projects.
  5. ImgBot - Automatic compression of new images
  6. Pull - Automatic update of forked repos
  7. allcontributors - Helps maintaing list of contributors of the project
  8. Adobe Spark - Used to create logo, banners, etc...