kotovalexarian-likes-github/sinatra
1
0
Fork 0
mirror of https://github.com/sinatra/sinatra synced 2023-03-27 23:18:01 -04:00
Code Releases Activity

Use HTTP Origin by default

Browse source
This commit is contained in:
Alex Rodionov 2012-01-30 15:57:25 +07:00
parent c7161e1c73
commit 47e4fb289a
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
rack-protection/lib/rack/protection.rb
View file

@ -8,6 +8,7 @@ module Rack
autoload :EscapedParams, 'rack/protection/escaped_params'
autoload :FormToken, 'rack/protection/form_token'
autoload :FrameOptions, 'rack/protection/frame_options'
autoload :HttpOrigin, 'rack/protection/http_origin'
autoload :IPSpoofing, 'rack/protection/ip_spoofing'
autoload :JsonCsrf, 'rack/protection/json_csrf'
autoload :PathTraversal, 'rack/protection/path_traversal'
@ -21,6 +22,7 @@ module Rack
except = Array options[:except]
Rack::Builder.new do
use ::Rack::Protection::FrameOptions, options unless except.include? :frame_options
use ::Rack::Protection::HttpOrigin, options unless except.include? :http_origin
use ::Rack::Protection::IPSpoofing, options unless except.include? :ip_spoofing
use ::Rack::Protection::JsonCsrf, options unless except.include? :json_csrf
use ::Rack::Protection::PathTraversal, options unless except.include? :path_traversal