NAME

Plack::Middleware::RefererCheck - check referer for defensive CSRF attack.

SYNOPSIS

  use Plack::Builder;

  builder {
      enable 'RefererCheck', host => 'www.example.com', same_scheme => 1, error_app => sub { [403, [], ['Forbidden']] };
      $app;
  };
 
  or more simply(host from $env->{HTTP_HOST} and same_scheme => 0)
  # this is vulnerabilly for DNS Rebinding
  builder {
      enable 'RefererCheck';
      $app;
  };

DESCRIPTION

Plack::Middleware::RefererCheck

CONFIGURATION

host: Instead of using $env->{HTTP_HOST} if you set.
same_scheme: Check if you are setting "1" the same scheme.default: "0"
error_app: Is an PSGI-app that runs on errors.default: return 403 Forbidden app.

AUTHOR

Masahiro Chiba

LICENSE

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)