rack-secure-referer 1.0.0 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -15
- data/lib/rack/secure/referer.rb +3 -2
- data/lib/rack/secure/referer/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c7bfaf175069ddb346c673e79b9dfbc171e8fb24
|
|
4
|
+
data.tar.gz: 25c634b2594cb6f3fc9d7b1897a73c64c87c5baf
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: dc96ca93b776f9aba1022ee53fc0d7d1e7df0326a619d639cf5118998d734db86b5e405723cd5f57bc7caf2d4c666528bd430a27104e91630b6c98379ec61449
|
|
7
|
+
data.tar.gz: 155fa8f6c6179892e8b86a5dbc1c9aa7daf417522360f18c2a05682e68103168d6e0bb65f4fb935b6276187c8f2d99c2045addcbd48fd75fbc8e1338d9b74626
|
data/README.md
CHANGED
|
@@ -1,11 +1,9 @@
|
|
|
1
1
|
# Rack::Secure::Referer
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
Sanitize request.referer for preventing XSS
|
|
4
4
|
|
|
5
5
|
## Installation
|
|
6
6
|
|
|
7
|
-
Add this line to your application's Gemfile:
|
|
8
|
-
|
|
9
7
|
```ruby
|
|
10
8
|
gem 'rack-secure-referer'
|
|
11
9
|
```
|
|
@@ -17,15 +15,3 @@ And then execute:
|
|
|
17
15
|
Or install it yourself as:
|
|
18
16
|
|
|
19
17
|
$ gem install rack-secure-referer
|
|
20
|
-
|
|
21
|
-
## Usage
|
|
22
|
-
|
|
23
|
-
TODO: Write usage instructions here
|
|
24
|
-
|
|
25
|
-
## Contributing
|
|
26
|
-
|
|
27
|
-
1. Fork it ( https://github.com/[my-github-username]/rack-secure-referer/fork )
|
|
28
|
-
2. Create your feature branch (`git checkout -b my-new-feature`)
|
|
29
|
-
3. Commit your changes (`git commit -am 'Add some feature'`)
|
|
30
|
-
4. Push to the branch (`git push origin my-new-feature`)
|
|
31
|
-
5. Create a new Pull Request
|
data/lib/rack/secure/referer.rb
CHANGED
|
@@ -4,8 +4,9 @@ require 'rack/request'
|
|
|
4
4
|
module Rack
|
|
5
5
|
module Secure
|
|
6
6
|
module Referer
|
|
7
|
-
def new(
|
|
8
|
-
|
|
7
|
+
def new(*args)
|
|
8
|
+
env = args[0]
|
|
9
|
+
if !env['HTTP_REFERER'].nil? && !env['HTTP_REFERER'].match(/\Ahttp(s)?:\/\//i)
|
|
9
10
|
env['HTTP_REFERER'] = nil
|
|
10
11
|
end
|
|
11
12
|
super
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-secure-referer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- ppworks
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2017-07-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|
|
@@ -105,7 +105,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
105
105
|
version: '0'
|
|
106
106
|
requirements: []
|
|
107
107
|
rubyforge_project:
|
|
108
|
-
rubygems_version: 2.
|
|
108
|
+
rubygems_version: 2.6.11
|
|
109
109
|
signing_key:
|
|
110
110
|
specification_version: 4
|
|
111
111
|
summary: Secure request.referer
|