Contents

# frozen_string_literal: true

require 'rack/protection'

module Rack
  module Protection
    ##
    # Prevented attack::   CSRF
    # Supported browsers:: all
    # More infos::         http://en.wikipedia.org/wiki/Cross-site_request_forgery
    #
    # Does not accept unsafe HTTP requests if the Referer [sic] header is set to
    # a different host.
    class RemoteReferrer < Base
      default_reaction :deny

      def accepts?(env)
        safe?(env) or referrer(env) == Request.new(env).host
      end
    end
  end
end

Version data entries

16 entries across 16 versions & 2 rubygems

Version	Path
rack-protection-4.1.1	lib/rack/protection/remote_referrer.rb
rack-protection-4.1.0	lib/rack/protection/remote_referrer.rb
rack-protection-4.0.0	lib/rack/protection/remote_referrer.rb
rack-protection-3.2.0	lib/rack/protection/remote_referrer.rb
rack-protection-3.1.0	lib/rack/protection/remote_referrer.rb
rubypitaya-3.12.5	./lib/rubypitaya/app-template/vendor/bundle/ruby/3.1.0/gems/rack-protection-3.0.5/lib/rack/protection/remote_referrer.rb
rack-protection-3.0.6	lib/rack/protection/remote_referrer.rb
rubypitaya-3.12.4	./lib/rubypitaya/app-template/vendor/bundle/ruby/3.1.0/gems/rack-protection-3.0.5/lib/rack/protection/remote_referrer.rb
rubypitaya-3.12.3	./lib/rubypitaya/app-template/vendor/bundle/ruby/3.1.0/gems/rack-protection-3.0.5/lib/rack/protection/remote_referrer.rb
rubypitaya-3.12.2	./lib/rubypitaya/app-template/vendor/bundle/ruby/3.1.0/gems/rack-protection-3.0.5/lib/rack/protection/remote_referrer.rb
rack-protection-3.0.5	lib/rack/protection/remote_referrer.rb
rack-protection-3.0.4	lib/rack/protection/remote_referrer.rb
rack-protection-3.0.3	lib/rack/protection/remote_referrer.rb
rack-protection-3.0.2	lib/rack/protection/remote_referrer.rb
rack-protection-3.0.1	lib/rack/protection/remote_referrer.rb
rack-protection-3.0.0	lib/rack/protection/remote_referrer.rb