Ryan Grove rgrove

## node-scroll-info.js
/*!
Copyright (c) 2012 Ryan Grove. All rights reserved.

Redistribution and use of this software in source and binary forms, with or
without modification, are permitted provided that the following conditions are
met:

  * Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.

## lazy-model-list.js
var AttrProto = Y.Attribute.prototype,
    GlobalEnv = YUI.namespace('Env.Model'),
    Lang      = Y.Lang,
    YArray    = Y.Array,

    EVT_ADD   = 'add',
    EVT_ERROR = 'error',
    EVT_RESET = 'reset';

Y.LazyModelList = Y.Base.create('lazyModelList', Y.ModelList, [], {

## gist:2046918
console.log(this); // => window (the global object)

var myObject = {};

function foo() {
    console.log(this);
}

foo(); // => window
foo.call(myObject); // => myObject

## gist:2025242

      
              1 file
            
          
              0 forks
            
          
              17 comments
            
          
              2 stars
            
          
                rgrove
                / gist:2025242
            
            
              Created
              March 12, 2012 22:56
            
              
                YUI Attribute Value Filters proposal
              
          
    Attribute Value Filters

With more and more application logic moving to the client, and with YUI becoming more popular on the server, it's increasingly important to design APIs that handle user input safely. Currently, YUI modules that store user input in attributes must do one of two things: either escape user strings before setting an attribute, or escape them manually before using them.
Escaping automatically before storing the value is safest, but also inconvenient if you sometimes need the unescaped value, since you must then store two versions (probably in two different attributes). This can lead to API clutter and confusion. Escaping manually before use avoids API clutter but increases the likelihood of mistakes, and also clutters up the codebase in general. It significantly increases the chances that another developer who is unaware of the need to escape the value will inadvertently introduce a security vulnerability.
Proposal

Attribute should provide a consistent, pluggable API for retrieving

  
## .jshint.json
{
    // enforcing options (true means potentially more warnings)

    "adsafe":       false,  // true if ADsafe rules should be enforced. See http://www.ADsafe.org/
    "bitwise":      true,   // true if bitwise operators should not be allowed
    "curly":        true,   // true if curly braces should be required around blocks in loops and conditionals
    "eqeqeq":       true,   // true if === should be required (for ALL equality comparisons)
    "forin":        false,  // true if unfiltered 'for in' statements should be forbidden
    "immed":        true,   // true if immediate function invocations must be wrapped in parens
    "newcap":       true,   // true if Initial Caps must be used with constructor functions

## app.js
var express = require('express'),
    app     = express.createServer();

app.configure(function () {
    // Use our custom Handlebars-based view engine as the default.
    app.register('.handlebars', require('./view'));
    app.set('view engine', 'handlebars');

    // ...
});

## aclist-scroll-fix.js
Y.AutoCompleteList.prototype._bindList = function () {
    this._listEvents.concat([
        Y.one('doc').after('click', this._afterDocClick, this),
        Y.on('windowresize', this._syncPosition, this),

        this.after({
            blur     : this._afterListBlur,
            focus    : this._afterListFocus,
            mouseover: this._afterMouseOver,
            mouseout : this._afterMouseOut,

## gist:1784146
model.load({url: 'http://www.company.com/somefile.xml'}, function (err, response) {
    Y.log("Model load " + response);
});

// Custom sync layer.
sync: function (action, options, callback) {
    switch (action) {
    case 'read':
        Y.io(options.url, {
            on: {

## gist:1603932
var utils = {},
    decodeEl;

/**
 * Returns a version of the specified string with all HTML entities
 * decoded. DO NOT use the output of this function with innerHTML if you're
 * working with user-supplied content!
 *
 * @method decodeEntities
 * @param {String} string string to decode

## model-list-patch-2531543.js
Y.ModelList.prototype._add = function (model, options) {
    var facade;

    options || (options = {});

    if (!(model instanceof Y.Model || (model._yuid && model.lists))) {
        model = new this.model(model);
    }

    if (this._clientIdMap[model.get('clientId')]) {
	/*!
	Copyright (c) 2012 Ryan Grove. All rights reserved.

	Redistribution and use of this software in source and binary forms, with or
	without modification, are permitted provided that the following conditions are
	met:

	* Redistributions of source code must retain the above copyright notice, this
	list of conditions and the following disclaimer.
	var AttrProto = Y.Attribute.prototype,
	GlobalEnv = YUI.namespace('Env.Model'),
	Lang = Y.Lang,
	YArray = Y.Array,

	EVT_ADD = 'add',
	EVT_ERROR = 'error',
	EVT_RESET = 'reset';

	Y.LazyModelList = Y.Base.create('lazyModelList', Y.ModelList, [], {
	console.log(this); // => window (the global object)

	var myObject = {};

	function foo() {
	console.log(this);
	}

	foo(); // => window
	foo.call(myObject); // => myObject
	{
	// enforcing options (true means potentially more warnings)

	"adsafe": false, // true if ADsafe rules should be enforced. See http://www.ADsafe.org/
	"bitwise": true, // true if bitwise operators should not be allowed
	"curly": true, // true if curly braces should be required around blocks in loops and conditionals
	"eqeqeq": true, // true if === should be required (for ALL equality comparisons)
	"forin": false, // true if unfiltered 'for in' statements should be forbidden
	"immed": true, // true if immediate function invocations must be wrapped in parens
	"newcap": true, // true if Initial Caps must be used with constructor functions
	var express = require('express'),
	app = express.createServer();

	app.configure(function () {
	// Use our custom Handlebars-based view engine as the default.
	app.register('.handlebars', require('./view'));
	app.set('view engine', 'handlebars');

	// ...
	});
	Y.AutoCompleteList.prototype._bindList = function () {
	this._listEvents.concat([
	Y.one('doc').after('click', this._afterDocClick, this),
	Y.on('windowresize', this._syncPosition, this),

	this.after({
	blur : this._afterListBlur,
	focus : this._afterListFocus,
	mouseover: this._afterMouseOver,
	mouseout : this._afterMouseOut,
	model.load({url: 'http://www.company.com/somefile.xml'}, function (err, response) {
	Y.log("Model load " + response);
	});

	// Custom sync layer.
	sync: function (action, options, callback) {
	switch (action) {
	case 'read':
	Y.io(options.url, {
	on: {
	var utils = {},
	decodeEl;

	/**
	* Returns a version of the specified string with all HTML entities
	* decoded. DO NOT use the output of this function with innerHTML if you're
	* working with user-supplied content!
	*
	* @method decodeEntities
	* @param {String} string string to decode
	Y.ModelList.prototype._add = function (model, options) {
	var facade;

	options \|\| (options = {});

	if (!(model instanceof Y.Model \|\| (model._yuid && model.lists))) {
	model = new this.model(model);
	}

	if (this._clientIdMap[model.get('clientId')]) {