Class: CsrAuth::Filter

Inherits:
Object
  • Object
show all
Includes:
CsrAuth
Defined in:
lib/csr_auth.rb

Constant Summary

Constants included from CsrAuth

VERSION

Class Method Summary collapse

Methods included from Configuration

#configuration, #define_setting

Class Method Details

.block_csr?(request) ⇒ Boolean

Returns:

  • (Boolean) 


13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
 
# File 'lib/csr_auth.rb', line 13

def self.block_csr?(request)
if request.format.html?
    return true
 else
    block = true
    unless request.headers['origin'].nil?
      if @@allowed_origins == "*"
        block = false
      else
        @@allowed_origins.each do |origin|
          if origin[:origin].class == String
            if request.headers['origin'].start_with? origin[:origin]
              block = block_method? origin[:methods], request.method
              break
            end
          elsif origin[:origin].class == Regexp
            if request.headers['origin'] =~ origin[:origin]
              block = block_method? origin[:methods], request.method
              break
            end
          end
        end
      end
    end
    block
  end
end