Gathering detailed insights and metrics for blueimp-file-upload-node
Gathering detailed insights and metrics for blueimp-file-upload-node
File Upload widget with multiple file selection, drag&drop support, progress bar, validation and preview images, audio and video for jQuery. Supports cross-domain, chunked and resumable file uploads. Works with any server-side platform (Google App Engine, PHP, Python, Ruby on Rails, Java, etc.) that supports standard HTML form file uploads.
Installations
npm install blueimp-file-upload-nodeDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
NPM Version
1.2.32
Releases
Unable to fetch releases
Languages
6
PHP
JavaScript
HTML
Python
CSS
Dockerfile
PHP (42.12%)
JavaScript (36.23%)
HTML (13.64%)
Python (5.3%)
CSS (1.92%)
Dockerfile (0.8%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
30,895 Stars
1,265 Commits
7,882 Forks
1,581 Watchers
5 Branches
96 Contributors
Updated on Jul 12, 2025
Maintainers
1
Package Meta Information
Latest Version
2.1.0
Package Id
blueimp-file-upload-node@2.1.0
Size
3.59 kB
NPM Version
1.2.32
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
jQuery File Upload
Contents
Description
File Upload widget with multiple file selection, drag&drop support, progress bars, validation and preview images, audio and video for jQuery.
Supports cross-domain, chunked and resumable file uploads and client-side image resizing.
Works with any server-side platform (PHP, Python, Ruby on Rails, Java, Node.js, Go etc.) that supports standard HTML form file uploads.
Demo
Features
- Multiple file upload:
Allows to select multiple files at once and upload them simultaneously. - Drag & Drop support:
Allows to upload files by dragging them from your desktop or file manager and dropping them on your browser window. - Upload progress bar:
Shows a progress bar indicating the upload progress for individual files and for all uploads combined. - Cancelable uploads:
Individual file uploads can be canceled to stop the upload progress. - Resumable uploads:
Aborted uploads can be resumed with browsers supporting the Blob API. - Chunked uploads:
Large files can be uploaded in smaller chunks with browsers supporting the Blob API. - Client-side image resizing:
Images can be automatically resized on client-side with browsers supporting the required JS APIs. - Preview images, audio and video:
A preview of image, audio and video files can be displayed before uploading with browsers supporting the required APIs. - No browser plugins (e.g. Adobe Flash) required:
The implementation is based on open standards like HTML5 and JavaScript and requires no additional browser plugins. - Graceful fallback for legacy browsers:
Uploads files via XMLHttpRequests if supported and uses iframes as fallback for legacy browsers. - HTML file upload form fallback:
Allows progressive enhancement by using a standard HTML file upload form as widget element. - Cross-site file uploads:
Supports uploading files to a different domain with cross-site XMLHttpRequests or iframe redirects. - Multiple plugin instances:
Allows to use multiple plugin instances on the same webpage. - Customizable and extensible:
Provides an API to set individual options and define callback methods for various upload events. - Multipart and file contents stream uploads:
Files can be uploaded as standard "multipart/form-data" or file contents stream (HTTP PUT file upload). - Compatible with any server-side application platform:
Works with any server-side platform (PHP, Python, Ruby on Rails, Java, Node.js, Go etc.) that supports standard HTML form file uploads.
Security
⚠️ Please read the VULNERABILITIES document for a list of fixed vulnerabilities
Please also read the SECURITY document for instructions on how to securely configure your Web server for file uploads.
Setup
jQuery File Upload can be installed via NPM:
1npm install blueimp-file-upload
This allows you to include jquery.fileupload.js and
its extensions via node_modules, e.g:
1<script src="node_modules/blueimp-file-upload/js/jquery.fileupload.js"></script>
The widget can then be initialized on a file upload form the following way:
1$('#fileupload').fileupload();
For further information, please refer to the following guides:
- Main documentation page
- List of all available Options
- The plugin API
- How to setup the plugin on your website
- How to use only the basic plugin.
Requirements
Mandatory requirements
- jQuery v1.7+
- jQuery UI widget factory v1.9+ (included): Required for the basic File Upload plugin, but very lightweight without any other dependencies from the jQuery UI suite.
- jQuery Iframe Transport plugin (included): Required for browsers without XHR file upload support.
Optional requirements
- JavaScript Templates engine v3+: Used to render the selected and uploaded files.
- JavaScript Load Image library v2+: Required for the image previews and resizing functionality.
- JavaScript Canvas to Blob polyfill v3+:Required for the resizing functionality.
- blueimp Gallery v2+: Used to display the uploaded images in a lightbox.
- Bootstrap v3+: Used for the demo design.
- Glyphicons Icon set used by Bootstrap.
Cross-domain requirements
Cross-domain File Uploads using the Iframe Transport plugin require a redirect back to the origin server to retrieve the upload results. The example implementation makes use of result.html as a static redirect page for the origin server.
The repository also includes the
jQuery XDomainRequest Transport plugin,
which enables limited cross-domain AJAX requests in Microsoft Internet Explorer
8 and 9 (IE 10 supports cross-domain XHR requests).
The XDomainRequest object allows GET and POST requests only and doesn't support
file uploads. It is used on the
Demo to delete uploaded files
from the cross-domain demo file upload service.
Browsers
Desktop browsers
The File Upload plugin is regularly tested with the latest browser versions and supports the following minimal versions:
- Google Chrome
- Apple Safari 4.0+
- Mozilla Firefox 3.0+
- Opera 11.0+
- Microsoft Internet Explorer 6.0+
Mobile browsers
The File Upload plugin has been tested with and supports the following mobile browsers:
- Apple Safari on iOS 6.0+
- Google Chrome on iOS 6.0+
- Google Chrome on Android 4.0+
- Default Browser on Android 2.3+
- Opera Mobile 12.0+
Extended browser support information
For a detailed overview of the features supported by each browser version and known operating system / browser bugs, please have a look at the Extended browser support information.
Testing
The project comes with three sets of tests:
- Code linting using ESLint.
- Unit tests using Mocha.
- End-to-end tests using blueimp/wdio.
To run the tests, follow these steps:
- Start Docker.
- Install development dependencies:
1npm install - Run the tests:
1npm test
Support
This project is actively maintained, but there is no official support channel.
If you have a question that another developer might help you with, please post
to
Stack Overflow
and tag your question with blueimp jquery file upload.
License
Released under the MIT license.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
license file detected
Details
- Info: project has a license file: LICENSE.txt:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.txt:0
Reason
Found 4/25 approved changesets -- score normalized to 1
Reason
project is archived
Details
- Warn: Repository is archived.
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/blueimp/jQuery-File-Upload/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/blueimp/jQuery-File-Upload/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/blueimp/jQuery-File-Upload/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/blueimp/jQuery-File-Upload/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/blueimp/jQuery-File-Upload/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/blueimp/jQuery-File-Upload/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/blueimp/jQuery-File-Upload/test.yml/master?enable=pin
- Warn: containerImage not pinned by hash: server/php/Dockerfile:1: pin your Docker image by updating php:8.0.11-apache to php:8.0.11-apache@sha256:24e4701f8f690db3eca85cccb52105c587d83fb3543a5d208730964c2af2bb26
- Warn: npmCommand not pinned by hash: .github/workflows/test.yml:17
- Info: 0 out of 7 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 containerImage dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 9 are checked with a SAST tool
Reason
12 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Score
3.2
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More