Contents

require 'rack/protection'

module Rack
  module Protection
    ##
    # Prevented attack::   Secret leakage, third party tracking
    # Supported browsers:: mixed support
    # More infos::         https://www.w3.org/TR/referrer-policy/
    #                      https://caniuse.com/#search=referrer-policy
    #
    # Sets Referrer-Policy header to tell the browser to limit the Referer header.
    #
    # Options:
    # referrer_policy:: The policy to use (default: 'strict-origin-when-cross-origin')
    class ReferrerPolicy < Base
      default_options :referrer_policy => 'strict-origin-when-cross-origin'

      def call(env)
        status, headers, body = @app.call(env)
        headers['Referrer-Policy'] ||= options[:referrer_policy]
        [status, headers, body]
      end
    end
  end
end

Version data entries

11 entries across 8 versions & 3 rubygems

Version	Path
rack-protection-2.2.4	lib/rack/protection/referrer_policy.rb
rack-protection-2.2.3	lib/rack/protection/referrer_policy.rb
rack-protection-2.2.2	lib/rack/protection/referrer_policy.rb
rack-protection-2.2.1	lib/rack/protection/referrer_policy.rb
devcycle-ruby-server-sdk-1.1.0	examples/sinatra/vendor/bundle/ruby/3.1.0/gems/rack-protection-2.1.0/lib/rack/protection/referrer_policy.rb
devcycle-ruby-server-sdk-1.1.0	examples/sinatra/vendor/bundle/ruby/2.6.0/gems/rack-protection-2.1.0/lib/rack/protection/referrer_policy.rb
devcycle-ruby-server-sdk-1.1.0	examples/sinatra/vendor/bundle/ruby/2.6.0/gems/rack-protection-2.2.0/lib/rack/protection/referrer_policy.rb
devcycle-ruby-server-sdk-1.1.0	examples/sinatra/vendor/bundle/ruby/3.0.0/gems/rack-protection-2.1.0/lib/rack/protection/referrer_policy.rb
rack-protection-2.2.0	lib/rack/protection/referrer_policy.rb
tdiary-5.1.6	vendor/bundle/ruby/2.7.0/gems/rack-protection-2.1.0/lib/rack/protection/referrer_policy.rb
rack-protection-2.1.0	lib/rack/protection/referrer_policy.rb