npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

agnostic-html

v0.4.2

Published

A utility function that safely parses HTML strings into DOM nodes, avoiding the use of innerHTML for security reasons.

Downloads

7

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

banshee.developmentbanshee.development

Keywords

HTMLDOMparsersecuritysafe DOMinnerHTMLXSSCross-Site Scriptingnode creationdocument.createElementJavaScriptvanilla JSagnostic HTMLsanitizationsanitizerconvert HTMLHTML to DOMsecure HTML parsing

Readme

AgnosticHTML

AgnosticHTML is a lightweight utility for safely parsing HTML strings into DOM nodes, avoiding the use of innerHTML for security reasons. It provides a safe alternative for embedding dynamic HTML content into the DOM while offering configurable debugging capabilities for console.log and console.warn.

Installation

To install AgnosticHTML using npm, run the following command:

npm install agnostic-html

Usage

To use AgnosticHTML, import the agnosticHTML function and configure it to enable or disable debug messages. After configuration, you can safely insert HTML content into the DOM without using innerHTML.

Example:

import { agnosticHTML } from 'agnostic-html';

// Configure AgnosticHTML with debug options
window.agnosticHTML = agnosticHTML({ debugLog: true, debugWarn: true });

// Insert HTML content into a specific DOM element
window.agnosticHTML(
  \`
  <button type="button" class="text-white bg-blue-700 hover:bg-blue-800 focus:ring-4 focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 me-2 mb-2 dark:bg-blue-600 dark:hover:bg-blue-700 focus:outline-none dark:focus:ring-blue-800">AgnosticHTML Button</button>
  \`,
  "#html-selector"
);

In this example, AgnosticHTML inserts a button into the element with the ID #html-selector. If the element does not exist, a warning will be shown in the console, depending on the debug settings.

Default Target (without specifying a container):

If you don't specify a custom container (e.g., #html-selector), the content will be inserted into the <body> element by default:

// Insert HTML content into the <body> element by default
window.agnosticHTML(
  \`
  <button type="button" class="text-white bg-blue-700 hover:bg-blue-800 focus:ring-4 focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 me-2 mb-2 dark:bg-blue-600 dark:hover:bg-blue-700 focus:outline-none dark:focus:ring-blue-800">AgnosticHTML Button</button>
  \`
);

Disable Warns and/or Logs

AgnosticHTML allows you to control the appearance of console.log and console.warn messages through optional flags. You can enable or disable these messages as needed using the following options:

  • debugLog: Controls the appearance of informational messages (console.log). It can be set to true or false.
  • debugWarn: Controls the appearance of warning messages (console.warn). It can be set to true or false.

By default, both flags are disabled.

Example usage:

Show only warns on console:

window.agnosticHTML = agnosticHTML({ debugLog: false, debugWarn: true });

Show only debug messages on console:

window.agnosticHTML = agnosticHTML({ debugLog: true, debugWarn: false });

Doesn't show any message:

window.agnosticHTML = agnosticHTML({ debugLog: false, debugWarn: false });

License

AgnosticHTML is licensed under the MIT License. See the LICENSE file for details.

Issues

If you encounter any issues, feel free to report them here.