Skip to content


Subversion checkout URL

You can clone with
Download ZIP
A client/server web application framework built on Express and Backbone

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.


Conventions for server-side backbone.js views/controllers. Provides a set of overrides to allow the same Views and Controllers to be used both client-side and server-side.

                   | Models |
     +-----------> +--------+ <------------+
     |             | Views  |              |
     |          +--------------+           |
     |          | Controllers  |           |
     |          +--------------+           |
+---------+                           +---------+
| Browser |                           | Server  |
+---------+                           +---------+

Bones allows your Backbone controller routes to be served as normal static pages to crawlers and javascript-disabled browsers while allowing your users to enjoy the normal client-side Backbone experience.

Tested with

  • documentcloud underscore 1.1.4
  • documentcloud backbone 0.3.3
  • tmpvar jsdom 0.1.20
  • tautologistics node-htmlparser v1.7.3
  • mikeal request v1.2.0
  • coolaj86 node-jquery v1.4.4
  • visionmedia express 1.0.0
  • developmentseed handlebars.js

Summary of overrides/conventions

  • Backbone.Controller provides a Connect middleware for serving Controller routes server-side.
  • Backbone.Controller passes an additional response argument to all route callbacks for sending an HTTP response server-side.
  • Backbone.View splits the typical template and initiate JS behaviors between the render() and new attach() methods allowing client-specific JS behaviors to be ignored by server-side code.
  • Backbone.View provides a convenience template() method for sharing handlebars.js templates between client-side and server-side code.
  • Backbone.View provides a convenience html() method for rendering a View to string (server-side).
  • Optional cookie confirmation-based CSRF protection.


var express = require('express'),
    server = express.createServer(),
    Bones = require('bones').Bones(server),
    mvc = require('mvc'); // Your models, views, controllers.

// Adds routes for Router controller.
new mvc.Router();

// Start server.

To enable CSRF protection use the Connect cookieDecoder middleware prior to calling Bones:

var express = require('express'),
    server = express.createServer();

var Bones = require('bones').Bones(server);

See examples for a simple example of Bones usage.


Something went wrong with that request. Please try again.