Method: Clearance::Configuration#same_site
Defined in: lib/clearance/configuration.rb
#same_site ⇒ String
Same-site cookies ("First-Party-Only" or "First-Party") allow servers to
mitigate the risk of CSRF and information leakage attacks by asserting
that a particular cookie should only be sent with requests initiated from
the same registrable domain.
Defaults to nil. For more, see RFC6265 and
https://github.com/rack/rack/blob/6eda04886e3a57918ca2d6a482fda02a678fef0a/lib/rack/utils.rb#L232-L244
# File 'lib/clearance/configuration.rb', line 60
def same_site
  @same_site
end
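The following added example is not Clearance's or Rack's own code. It shows what the nil default means in the Set-Cookie header compared with an explicit setting, and audits the resulting header. The helper names, the cookie name `remember_token` and the token value are assumptions made for illustration; the value mapping is modelled on the Rack code linked above.

```ruby
# Added example; helper names are hypothetical, not Clearance or Rack APIs.
# Maps a same_site setting to the cookie attribute a serializer would emit.
def same_site_attribute(value)
  case value
  when nil, false then nil # the default: no SameSite attribute is sent
  when :none, "None" then "SameSite=None"
  when :lax, "Lax" then "SameSite=Lax"
  when true, :strict, "Strict" then "SameSite=Strict"
  else raise ArgumentError, "Invalid SameSite value: #{value.inspect}"
  end
end

# Builds a Set-Cookie header value for a session cookie.
def build_set_cookie(name, token, same_site: nil, secure: false, httponly: true)
  parts = ["#{name}=#{token}", "path=/"]
  parts << "secure" if secure
  parts << "HttpOnly" if httponly
  attr = same_site_attribute(same_site)
  parts << attr if attr
  parts.join("; ")
end

# Audits one Set-Cookie header value and returns a list of findings.
def audit_set_cookie(header)
  attrs = header.split(";").map(&:strip).drop(1) # skip the name=value pair
  flags = attrs.map { |a| a.split("=", 2).first.downcase }
  policy = attrs.map { |a| a.split("=", 2) }
                .find { |k, _| k.casecmp?("samesite") }&.last
  findings = []
  if policy.nil?
    findings << "no SameSite attribute; behaviour is left to the browser default"
  elsif policy.casecmp?("none") && !flags.include?("secure")
    findings << "SameSite=None without Secure"
  end
  findings << "missing HttpOnly" unless flags.include?("httponly")
  findings
end

# Constructed sample values: default (nil) versus an explicit :lax setting.
default_header = build_set_cookie("remember_token", "abc123")
lax_header = build_set_cookie("remember_token", "abc123", same_site: :lax, secure: true)
puts default_header, audit_set_cookie(default_header).inspect
puts lax_header, audit_set_cookie(lax_header).inspect
```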