Skip to content

Instantly share code, notes, and snippets.

VictorQueiroz / gist:9c5ed701309654a7897c
Created April 20, 2015 04:44
bookshelf.js - Updating related models
Account.query(function (q) {
q.where('', '=', 1);
q.distinct().innerJoin('account_accounts', function () {
this.on('', '=', '');
withRelated: ['accounts']
}).then(function (account) {
return account.related('accounts').query(function (qb) {
qb.where('', '=', 1006);
p-baleine /
Created November 29, 2013 08:59
Bookshelf polymorphic association example.


$ ./node_modules/.bin/knex:migrate:latest -c db/config.js
tmcw /
Created August 15, 2013 20:27
Why JSONP is a terrible idea and I will never use it again

Moral Concerns

JSONP is not actually JSON with padding, it's Javascript code that's executed. JSON is not a real subset of Javascript and the way it is not is important to us: via UTFGrid, we are all UTF-8 masters.

JSONP is not safe: it's Javascript that's executed. It's trivial to XSS with JSONP, because JSONP is XSS. Just have a call like mapbox.load('foo.tilejson', …) and if foo.tilejson gets replaced with destroyYoursite(), it gets run. Compare to JSON.parse, which is, on purpose, not eval.

Practical Concerns

JSONP is questionable in terms of performance. To be fast, you want to have the same callback all the time so that you can cache the response. But this leads to a page like

/** @jsx React.DOM */
var MyRootComponent = React.createClass({
getInitialState: function() {
return {perMinute: '-', perDay: '-'};
componentDidMount: function() {
var socket = io.connect(this.props.url);
socket.on('business.clickout', this.setState.bind(this));
render: function() {
conorbuck / angle-between-points.js
Created May 5, 2012 22:51
JavaScript: Find the angle between two points
var p1 = {
x: 20,
y: 20
var p2 = {
x: 40,
y: 40