123456789_123456789_123456789_123456789_123456789_

Class: Rack::Protection::RemoteReferrer

Relationships & Source Files
Super Chains via Extension / Inclusion / Inheritance
Class Chain:
self, Base
Instance Chain:
self, Base
Inherits: Rack::Protection::Base
Defined in: rack-protection/lib/rack/protection/remote_referrer.rb

Overview

Prevented attack:: CSRF Supported browsers:: all More infos:: http://en.wikipedia.org/wiki/Cross-site_request_forgery

Does not accept unsafe HTTP requests if the Referer [sic] header is set to a different host.

Constant Summary

Base - Inherited

DEFAULT_OPTIONS

Class Method Summary

Instance Attribute Summary

Base - Inherited

Instance Method Summary

Constructor Details

This class inherits a constructor from Rack::Protection::Base

Instance Method Details

#accepts?(env) ⇒ Boolean

[ GitHub ]

  
# File 'rack-protection/lib/rack/protection/remote_referrer.rb', line 17

def accepts?(env)
  safe?(env) or referrer(env) == Request.new(env).host
end