class Rack::Protection::RemoteToken
- Compatible with Rails and rack-csrf.
included in the session or the request comes from the same origin.
Only accepts unsafe HTTP requests if a given access token matches the token
More infos - en.wikipedia.org/wiki/Cross-site_request_forgery<br>Supported browsers
- all
Prevented attack -
CSRF
#
- all
def accepts?(env)
def accepts?(env) super or referrer(env) == Request.new(env).host end