Plack::Middleware::CSRFBlock helps blocking Cross-Site Request Forgeries,
and can be used without any modifications to your application, in
most cases.
.
When the application response Content-type header is "text/html" or
"application/xhtml+xml", this middleware inserts a hidden input tag
that contains a token string into all POST-forms found in the
response body.
.
For every POST requests, this middleware ensures that the input
parameters contain the correct token parameter. If not found, the
middleware throws an HTTP error 403 (Forbidden) and the forged
request does not even reach your application.
Installed Size: 41.0 kB
Architectures: all