NAME

NAME
Plack::Middleware::RefererCheck - check referer for defensive CSRF
attack.

SYNOPSIS
use Plack::Builder;

builder {
enable 'RefererCheck', host => 'www.example.com', same_scheme => 1, error_app => sub { [403, [], ['Forbidden']] };
$app;
};

or more simply(host from $env->{HTTP_HOST} and same_scheme => 0)
# this is vulnerabilly for DNS Rebinding
builder {
enable 'RefererCheck';
$app;
};

DESCRIPTION
Plack::Middleware::RefererCheck

CONFIGURATION
host
Instead of using $env->{HTTP_HOST} if you set.

same_scheme
Check if you are setting "1" the same scheme.default: "0"

error_app
Is an PSGI-app that runs on errors.default: return 403 Forbidden
app.

AUTHOR
Masahiro Chiba

LICENSE
This library is free software; you can redistribute it and/or modify it
under the same terms as Perl itself.

SEE ALSO
Plack::Middleware Plack::Builder