bones
Advanced tools
Comparing version 1.2.0 to 1.2.1
@@ -55,1 +55,32 @@ Backbone.Controller.prototype.route = function(route, name, callback) { | ||
| }; | ||
| // Generate CSRF protection cookie. Callers should provide the request path | ||
| // to ensure the cookie is not pervasive across all requests. | ||
| Backbone.csrf = function(path) { | ||
| var chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXZY0123456789'; | ||
| var token = ''; | ||
| while (token.length < 32) { | ||
| token += chars.charAt(Math.floor(Math.random() * chars.length)); | ||
| } | ||
| document.cookie = 'bones.token=' + token + ';max-age=60;path=' + (path || '/') + ';'; | ||
| return token; | ||
| }; | ||
| // Client-side override of `Backbone.sync`. Adds CSRF double-cookie | ||
| // confirmation protection to all PUT/POST/DELETE requests. The csrf middleware | ||
| // must be used server-side to invalidate requests without this CSRF | ||
| // proteciton. | ||
| Backbone.sync = _.wrap(Backbone.sync, function(parent, method, model, success, error) { | ||
| function getUrl(object) { | ||
| if (!(object && object.url)) throw new Error("A 'url' property or function must be specified"); | ||
| return _.isFunction(object.url) ? object.url() : object.url; | ||
| }; | ||
| if (method !== 'read') { | ||
| var clone = model.clone(); | ||
| clone.set({ 'bones.token': Backbone.csrf(getUrl(model)) }); | ||
| } | ||
| return parent.call(this, method, clone, success, error); | ||
| }); |
| { | ||
| "name": "bones", | ||
| "version": "1.2.0", | ||
| "version": "1.2.1", | ||
@@ -5,0 +5,0 @@ "main": "./bones.js", |
@@ -36,3 +36,3 @@ Bones | ||
| * `/commands` - extra command line commands | ||
| * `/controllers` - Bankbone controllers | ||
| * `/controllers` - Backbone controllers | ||
| * `/models` - Backbone models | ||
@@ -46,3 +46,3 @@ * `/routers` - server only routes | ||
| Files in each of these directories are expected to provide a single model|view|controller|template|etc... The file should be named a underscoreified version of the class name. A `blogPost` model should be defined in a `blog_post.bones` file. Bones with automatically transform all-lower-with-underscore style filesystem names to camelcase code. | ||
| Files in each of these directories are expected to provide a single model|view|controller|template|etc... The file should be named as the class is name, capitalization is important! A `BlogPost` model should be defined in a `BlogPost.bones` file. | ||
@@ -65,1 +65,5 @@ ### Creating an application | ||
| * server side vs. client side template compilation | ||
| ### Defining models & controllers | ||
| Bones provdes default routes for loading models and collections. To take advantage of these endpoints your models and collections should implement a `url` method that returns a string of the form; `api/:collection` or `api/:model/:id`. The result of the `url` method is treated as the canonical resource identifier for that object. |
@@ -6,9 +6,16 @@ var Backbone = require('./backbone'); | ||
| function Command(app) { | ||
| function Command(plugin) { | ||
| this.options = Object.create(Command.options); | ||
| this.initialize(app); | ||
| this.bootstrap(plugin, function() { | ||
| this.initialize(plugin); | ||
| }.bind(this)); | ||
| }; | ||
| Command.prototype.initialize = function(app) {}; | ||
| Command.prototype.bootstrap = function(plugin, callback) { | ||
| callback(); | ||
| }; | ||
| Command.prototype.initialize = function(plugin) {}; | ||
| Command.augment = Backbone.Controller.augment; | ||
@@ -15,0 +22,0 @@ Command.extend = Backbone.Controller.extend; |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by0.62%
269971
- Lines of code
- increased by0.4%
7809
- Number of lines in readme file
- increased by6.35%
67
No dependency changes