Class Rack::Protection::JsonCsrf
In: lib/rack/protection/json_csrf.rb
Parent: Base
Prevented attack:CSRF
Supported browsers:all
More infos:flask.pocoo.org/docs/security/#json-security

JSON GET APIs are vulnerable to being embedded as JavaScript while the Array prototype has been patched to track data. Checks the referrer even on GET requests if the content type is JSON.

Methods

call   has_vector?  

External Aliases

deny -> react

Public Instance methods

[Validate]