Module: Rack::Protection
- Defined in:
- lib/rack/protection.rb,
lib/rack/protection/base.rb,
lib/rack/protection/version.rb,
lib/rack/protection/json_csrf.rb,
lib/rack/protection/form_token.rb,
lib/rack/protection/xss_header.rb,
lib/rack/protection/ip_spoofing.rb,
lib/rack/protection/remote_token.rb,
lib/rack/protection/frame_options.rb,
lib/rack/protection/escaped_params.rb,
lib/rack/protection/path_traversal.rb,
lib/rack/protection/remote_referrer.rb,
lib/rack/protection/session_hijacking.rb,
lib/rack/protection/authenticity_token.rb
Defined Under Namespace
Classes: AuthenticityToken, Base, EscapedParams, FormToken, FrameOptions, IPSpoofing, JsonCsrf, PathTraversal, RemoteReferrer, RemoteToken, SessionHijacking, XSSHeader
Constant Summary
collapse
- SIGNATURE =
[1, 1, 2]
- VERSION =
SIGNATURE.join('.')
Class Method Summary
collapse
Class Method Details
.new(app, options = {}) ⇒ Object
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
# File 'lib/rack/protection.rb', line 19
def self.new(app, options = {})
except = Array options[:except]
Rack::Builder.new do
use EscapedParams, options unless except.include? :escaped_params
use FrameOptions, options unless except.include? :frame_options
use IPSpoofing, options unless except.include? :ip_spoofing
use JsonCsrf, options unless except.include? :json_csrf
use PathTraversal, options unless except.include? :path_traversal
use RemoteToken, options unless except.include? :remote_token
use SessionHijacking, options unless except.include? :session_hijacking
use XSSHeader, options unless except.include? :xss_header
run app
end.to_app
end
|
.version ⇒ Object
3
4
5
|
# File 'lib/rack/protection/version.rb', line 3
def self.version
VERSION
end
|