@izumisy/vite-plugin-react-preview 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -0
- package/dist/index.mjs +4 -1
- package/package.json +14 -5
package/README.md
CHANGED
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
# @izumisy/vite-plugin-react-preview
|
|
2
2
|
|
|
3
|
+
[](https://www.npmjs.com/package/@izumisy/vite-plugin-react-preview)
|
|
4
|
+
|
|
3
5
|
Low-level Vite plugin and utilities for rendering React component previews. This package is the shared engine used by both `@izumisy/md-react-preview` (CLI) and `@izumisy/vitepress-plugin-react-preview` (VitePress integration).
|
|
4
6
|
|
|
5
7
|
## Features
|
package/dist/index.mjs
CHANGED
|
@@ -99,7 +99,9 @@ function applyTheme(theme) {
|
|
|
99
99
|
if (themeParam === "dark" || themeParam === "light") {
|
|
100
100
|
applyTheme(themeParam);
|
|
101
101
|
}
|
|
102
|
+
// Security: validate postMessage origin to prevent cross-origin message spoofing
|
|
102
103
|
window.addEventListener("message", function(e) {
|
|
104
|
+
if (e.origin !== location.origin) return;
|
|
103
105
|
if (e.data && e.data.type === "mrp-theme" && (e.data.theme === "dark" || e.data.theme === "light")) {
|
|
104
106
|
applyTheme(e.data.theme);
|
|
105
107
|
}
|
|
@@ -120,9 +122,10 @@ registry[blockId]().then(function(mod) {
|
|
|
120
122
|
createRoot(root).render(createElement(mod.default));
|
|
121
123
|
|
|
122
124
|
new ResizeObserver(function() {
|
|
125
|
+
// Security: specify origin instead of "*" to restrict postMessage recipients
|
|
123
126
|
window.parent.postMessage(
|
|
124
127
|
{ type: "mrp-resize", blockId: blockId, height: root.scrollHeight },
|
|
125
|
-
|
|
128
|
+
location.origin
|
|
126
129
|
);
|
|
127
130
|
}).observe(root);
|
|
128
131
|
});
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@izumisy/vite-plugin-react-preview",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.1",
|
|
4
4
|
"description": "Vite plugin for rendering React component previews in iframe",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"exports": {
|
|
@@ -16,18 +16,27 @@
|
|
|
16
16
|
"files": [
|
|
17
17
|
"dist/**"
|
|
18
18
|
],
|
|
19
|
+
"repository": {
|
|
20
|
+
"type": "git",
|
|
21
|
+
"url": "https://github.com/IzumiSy/md-react-preview",
|
|
22
|
+
"directory": "packages/vite-plugin-react-preview"
|
|
23
|
+
},
|
|
19
24
|
"keywords": [],
|
|
20
|
-
"author": "",
|
|
21
|
-
"license": "
|
|
22
|
-
"
|
|
23
|
-
"
|
|
25
|
+
"author": "IzumiSy",
|
|
26
|
+
"license": "MIT",
|
|
27
|
+
"publishConfig": {
|
|
28
|
+
"access": "public"
|
|
24
29
|
},
|
|
25
30
|
"devDependencies": {
|
|
26
31
|
"@types/node": "^22",
|
|
27
32
|
"tsdown": "^0.21.3",
|
|
28
33
|
"typescript": "~5.9.3",
|
|
34
|
+
"vite": "^6.3.5",
|
|
29
35
|
"vitest": "^4.1.2"
|
|
30
36
|
},
|
|
37
|
+
"peerDependencies": {
|
|
38
|
+
"vite": ">=6"
|
|
39
|
+
},
|
|
31
40
|
"scripts": {
|
|
32
41
|
"dev": "tsdown --watch",
|
|
33
42
|
"build": "tsdown",
|