Reject referers that do not include an absolute path

2021-03-16 11:06:18 +00:00 · 2021-03-16 11:06:18 +00:00 · 93b8c47c8f
commit 93b8c47c8f
parent 7967c20673
1 changed files with 2 additions and 0 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -393,6 +393,8 @@ class ApplicationController < ActionController::Base
      referer = nil
    end

+    referer = nil if referer&.path&.first != "/"
+
    referer.to_s
  end
 end