npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

rehype-external-links

v3.0.0

Published

rehype plugin to automatically add `target` and `rel` attributes to external links

Downloads

10,923,207

Readme

rehype-external-links

Build Coverage Downloads Size Sponsors Backers Chat

rehype plugin to add rel (and target) to external links.

Contents

What is this?

This package is a unified (rehype) plugin to add rel (and target) attributes to external links. It is particularly useful when displaying user content on your reputable site, because users could link to disreputable sources (spam, scams, etc), as search engines and other bots will discredit your site for linking to them (or legitimize their sites). In short: linking to something signals trust, but you can’t trust users. This plugin adds certain rel attributes to prevent that from happening.

unified is a project that transforms content with abstract syntax trees (ASTs). rehype adds support for HTML to unified. hast is the HTML AST that rehype uses. This is a rehype plugin that adds rel (and target) to <a>s in the AST.

When should I use this?

This project is useful when you want to display user content from authors you don’t trust (such as comments), as they might include links you don’t endorse, on your website.

Install

This package is ESM only. In Node.js (version 16+), install with npm:

npm install rehype-external-links

In Deno with esm.sh:

import rehypeExternalLinks from 'https://esm.sh/rehype-external-links@3'

In browsers with esm.sh:

<script type="module">
  import rehypeExternalLinks from 'https://esm.sh/rehype-external-links@3?bundle'
</script>

Use

Say our module example.js contains:

import rehypeExternalLinks from 'rehype-external-links'
import remarkParse from 'remark-parse'
import remarkRehype from 'remark-rehype'
import rehypeStringify from 'rehype-stringify'
import {unified} from 'unified'

const file = await unified()
  .use(remarkParse)
  .use(remarkRehype)
  .use(rehypeExternalLinks, {rel: ['nofollow']})
  .use(rehypeStringify)
  .process('[rehype](https://github.com/rehypejs/rehype)')

console.log(String(file))

…then running node example.js yields:

<p><a href="https://github.com/rehypejs/rehype" rel="nofollow">rehype</a></p>

API

This package exports no identifiers. The default export is rehypeExternalLinks.

unified().use(rehypeExternalLinks[, options])

Automatically add rel (and target?) to external links.

Parameters
  • options (Options, optional) — configuration
Returns

Transform (Transformer).

Notes

You should likely not configure target.

You should at least set rel to ['nofollow']. When using a target, add noopener and noreferrer to avoid exploitation of the window.opener API.

When using a target, you should set content to adhere to accessibility guidelines by giving users advanced warning when opening a new window.

CreateContent

Create a target for the element (TypeScript type).

Parameters
  • element (Element) — element to check
Returns

Content to add (Array<Node> or Node, optional).

CreateProperties

Create properties for an element (TypeScript type).

Parameters
  • element (Element) — element to check
Returns

Properties to add (Properties, optional).

CreateRel

Create a rel for the element (TypeScript type).

Parameters
  • element (Element) — element to check
Returns

rel to use (Array<string>, optional).

CreateTarget

Create a target for the element (TypeScript type).

Parameters
  • element (Element) — element to check
Returns

target to use (Target, optional).

Options

Configuration (TypeScript type).

Fields
  • content (Array<Node>, CreateContent, or Node, optional) — content to insert at the end of external links; will be inserted in a <span> element; useful for improving accessibility by giving users advanced warning when opening a new window
  • contentProperties (CreateProperties or Properties, optional) — properties to add to the span wrapping content
  • properties (CreateProperties or Properties, optional) — properties to add to the link itself
  • protocols (Array<string>, default: ['http', 'https']) — protocols to see as external, such as mailto or tel
  • rel (Array<string>, CreateRel, or string, default: ['nofollow']) — link types to hint about the referenced documents; pass an empty array ([]) to not set rels on links; when using a target, add noopener and noreferrer to avoid exploitation of the window.opener API
  • target (CreateTarget or Target, optional) — how to display referenced documents; the default (nothing) is to not set targets on links
  • test (Test, optional) — extra test to define which external link elements are modified; any test that can be given to hast-util-is-element is supported

Target

Target (TypeScript type).

Type
type Target = '_blank' | '_parent' | '_self' | '_top'

Types

This package is fully typed with TypeScript. It exports the additional types CreateContent, CreateProperties, CreateRel, CreateTarget, Options, and Target.

Compatibility

Projects maintained by the unified collective are compatible with maintained versions of Node.js.

When we cut a new major release, we drop support for unmaintained versions of Node. This means we try to keep the current release line, rehype-external-links@^3, compatible with Node.js 16.

This plugin works with rehype-parse version 3+, rehype-stringify version 3+, rehype version 4+, and unified version 6+.

Security

Improper use of rehype-external-links can open you up to a cross-site scripting (XSS) attack.

Either do not combine this plugin with user content or use rehype-sanitize.

Contribute

See contributing.md in rehypejs/.github for ways to get started. See support.md for ways to get help.

This project has a code of conduct. By interacting with this repository, organization, or community you agree to abide by its terms.

License

MIT © Titus Wormer