Deprecated.

The maintainer of this distribution has indicated that it is deprecated and no longer suitable for use.

NAME

Plack::Middleware::RefererCheck - check referer for defensive CSRF attack.(DEPRECATED)

SYNOPSIS

 use Plack::Builder;

 builder {
     enable 'RefererCheck', host => 'www.example.com', same_scheme => 1, error_app => sub { [403, [], ['Forbidden']] };
     $app;
 };

 or more simply(host from $env->{HTTP_HOST} and same_scheme => 0)
 # this is vulnerabilly for DNS Rebinding
 builder {
     enable 'RefererCheck';
     $app;
 };

DESCRIPTION

Please note that this module has been DEPRECATED.

Because Referer is not required and RFC2616 strongly recommends that the user be able to select whether or not the field.

Please use other way. For example Plack::Middleware::CSRFBlock, Catalyst::Controller::RequestToken and Amon2::Plugin::Web::CSRFDefender.

CONFIGURATION

host: Instead of using $env->{HTTP_HOST} if you set.
same_scheme: Check if you are setting "1" the same scheme.default: "0"
error_app: Is an PSGI-app that runs on errors.default: return 403 Forbidden app.
no_warn: mute DEPRECATED warnings.

AUTHOR

Masahiro Chiba

LICENSE

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)