This extension is part of the Rack::Protection project. Run gem install rack-protection to have it available.


Prevented attack

CSRF

Supported browsers

all

More infos

en.wikipedia.org/wiki/Cross-site_request_forgery

</dl>

Does not accept unsafe HTTP requests if the Referer [sic] header is set to a different host.