Gathering detailed insights and metrics for backbone.csrf
Gathering detailed insights and metrics for backbone.csrf
Installations
npm install backbone.csrfDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
NPM Version
1.4.28
Languages
1
JavaScript
JavaScript (100%)
Developer
kuc2477
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
6 Stars
18 Commits
1 Watchers
1 Branches
1 Contributors
Updated on Jan 23, 2018
Maintainers
1
Package Meta Information
Latest Version
1.0.2
Package Id
backbone.csrf@1.0.2
Size
3.66 kB
NPM Version
1.4.28
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
3
============= backbone.csrf
Configure your Backbone application to be compatible with your csrf-protected backend web frameworks
Author
Ha Junsoo <kuc2477@gmail.com>_
Compatibility
- Supports both AMD / CommonJS specification.
Dependencies
- backbone.csrf supports
Backbone.js <https://backbone.org>_ 1.7.1 or later - Requires
jQuery <https://jquery.com>_
Installation
.. code-block:: shell
bower install backbone.csrf
Or
.. code-block:: shell
npm install backbone.csrf
Build
.. code-block:: shell
npm install && grunt
Rationale
Although there are few cases where a Backbone application plays alone without any backend frameworks such as Django, Rails, Play, etc, Backbone itself lacks support for csrf token authentication, which most of backend web frameworks requires for client side requests for the sake of their security.
backbone.csrf will make your Backbone application compatible with your backend web frameworks that implements CSRF protecting systems.
Module's the only method initialize() configures Backbone.sync() to set X-CSRFToken request header for every requests it sends to make sure that all backbone requests are sent with csrf tokens.
You can also configure your jquery's $.ajax calls by passing true to initialize() call. This will allow you to send csrf-protection compatible requests to backends directly with $.ajax calls. This can be useful in case when you need requests that doesn't match Backbone ORM.
Usage
-
Add
<meta name='csrf-token' content={{ csrf_token }}>to your markup. -
Initialize backbone.csrf before you start your Backbone application.
.. code-block:: javascript
// Node/CommonJS var BackboneCSRF = require('backbone.csrf'); BackboneCSRF.initialize(); ... // AMD require(['backbone.csrf'], function(BackboneCSRF) { BackboneCSRF.initialize(); ... });
Change Log
-
1.0.2 (October 27, 2015):
- Support both AMD & CommonJS specifications.
-
1.0.1 (July 31, 2015):
-
Set
X-CSRFTokenheader on requests only when it is non-fetch requests. -
Set
X-CSRFTokenheader on jquery.ajax requests by callinginitialize()with boolean parametertrue. Default isfalse.
-
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
Found 0/18 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Score
3
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More