rack-secure-referer 1.0.0 → 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -15
- data/lib/rack/secure/referer.rb +3 -2
- data/lib/rack/secure/referer/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c7bfaf175069ddb346c673e79b9dfbc171e8fb24
|
|
4
|
+
data.tar.gz: 25c634b2594cb6f3fc9d7b1897a73c64c87c5baf
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: dc96ca93b776f9aba1022ee53fc0d7d1e7df0326a619d639cf5118998d734db86b5e405723cd5f57bc7caf2d4c666528bd430a27104e91630b6c98379ec61449
|
|
7
|
+
data.tar.gz: 155fa8f6c6179892e8b86a5dbc1c9aa7daf417522360f18c2a05682e68103168d6e0bb65f4fb935b6276187c8f2d99c2045addcbd48fd75fbc8e1338d9b74626
|
data/README.md
CHANGED
|
@@ -1,11 +1,9 @@
|
|
|
1
1
|
# Rack::Secure::Referer
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
Sanitize request.referer for preventing XSS
|
|
4
4
|
|
|
5
5
|
## Installation
|
|
6
6
|
|
|
7
|
-
Add this line to your application's Gemfile:
|
|
8
|
-
|
|
9
7
|
```ruby
|
|
10
8
|
gem 'rack-secure-referer'
|
|
11
9
|
```
|
|
@@ -17,15 +15,3 @@ And then execute:
|
|
|
17
15
|
Or install it yourself as:
|
|
18
16
|
|
|
19
17
|
$ gem install rack-secure-referer
|
|
20
|
-
|
|
21
|
-
## Usage
|
|
22
|
-
|
|
23
|
-
TODO: Write usage instructions here
|
|
24
|
-
|
|
25
|
-
## Contributing
|
|
26
|
-
|
|
27
|
-
1. Fork it ( https://github.com/[my-github-username]/rack-secure-referer/fork )
|
|
28
|
-
2. Create your feature branch (`git checkout -b my-new-feature`)
|
|
29
|
-
3. Commit your changes (`git commit -am 'Add some feature'`)
|
|
30
|
-
4. Push to the branch (`git push origin my-new-feature`)
|
|
31
|
-
5. Create a new Pull Request
|
data/lib/rack/secure/referer.rb
CHANGED
|
@@ -4,8 +4,9 @@ require 'rack/request'
|
|
|
4
4
|
module Rack
|
|
5
5
|
module Secure
|
|
6
6
|
module Referer
|
|
7
|
-
def new(
|
|
8
|
-
|
|
7
|
+
def new(*args)
|
|
8
|
+
env = args[0]
|
|
9
|
+
if !env['HTTP_REFERER'].nil? && !env['HTTP_REFERER'].match(/\Ahttp(s)?:\/\//i)
|
|
9
10
|
env['HTTP_REFERER'] = nil
|
|
10
11
|
end
|
|
11
12
|
super
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-secure-referer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- ppworks
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2017-07-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|
|
@@ -105,7 +105,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
105
105
|
version: '0'
|
|
106
106
|
requirements: []
|
|
107
107
|
rubyforge_project:
|
|
108
|
-
rubygems_version: 2.
|
|
108
|
+
rubygems_version: 2.6.11
|
|
109
109
|
signing_key:
|
|
110
110
|
specification_version: 4
|
|
111
111
|
summary: Secure request.referer
|