Sha256: c8d32b19cacc32fb95ef113e9f13c0ae548eb0f27fccd824508959fe029d6c3f
Contents?: true
Size: 607 Bytes
Versions: 61
Compression:
Stored size: 607 Bytes
Contents
require 'rack/protection' module Rack module Protection ## # Prevented attack:: CSRF # Supported browsers:: all # More infos:: http://en.wikipedia.org/wiki/Cross-site_request_forgery # # Does not accept unsafe HTTP requests if the Referer [sic] header is set to # a different host. # # Combine with NoReferrer to also block remote requests from non-HTTP pages # (FTP/HTTPS/...). class RemoteReferrer < Base default_reaction :deny def accepts?(env) safe?(env) or referrer(env) == Request.new(env).host end end end end
Version data entries
61 entries across 61 versions & 4 rubygems
Version | Path |
---|---|
rack-protection-0.1.0 | lib/rack/protection/remote_referrer.rb |