class Marten::Middleware::ReferrerPolicy
- Marten::Middleware::ReferrerPolicy
- Marten::Middleware
- Reference
- Object
Overview
Sets the Referrer-Policy header in the response if it wasn't already set.
When this middleware is used, a Referrer-Policy header will be inserted into the HTTP response. The value for this
header is configurable in the referrer_policy setting. This header controls how much referrer information should
be included with requests made from your website to other origins. By setting this header, you can enhance the
privacy and security of your users by limiting the amount of information that is sent with outbound requests.
The possible values for the Referrer-Policy header include:
- no-referrer: The Referer header will be omitted entirely. No referrer information is sent with requests.
- no-referrer-when-downgrade: The Referer header will not be sent to less secure destinations (e.g., from HTTPS to HTTP), but will be sent to same or more secure destinations.
- origin: Only the origin of the document is sent as the referrer.
- origin-when-cross-origin: The full URL is sent as the referrer when performing a same-origin request, but only the origin is sent for cross-origin requests.
- same-origin: The Referer header is sent with same-origin requests, but not with cross-origin requests.
- strict-origin: Only the origin is sent as the referrer, and only for same-origin requests.
- strict-origin-when-cross-origin: The full URL is sent as the referrer when performing a same-origin request, but only the origin is sent for cross-origin requests. No referrer information is sent to less secure destinations.
- unsafe-url: The full URL is always sent as the referrer, regardless of the request's security.
You can configure the desired policy through the use of the referrer_policy setting.
Defined in:
marten/middleware/referrer_policy.crInstance Method Summary
-
#call(request : Marten::HTTP::Request, get_response : Proc(Marten::HTTP::Response)) : Marten::HTTP::Response
Calls the middleware for a given HTTP request and returns a HTTP response.
Instance methods inherited from class Marten::Middleware
call(request : Marten::HTTP::Request, get_response : Proc(Marten::HTTP::Response)) : Marten::HTTP::Response
call,
next : Nil | Middleware
next,
next=(next __arg0 : Nil | Middleware)
next=
Instance Method Detail
Calls the middleware for a given HTTP request and returns a HTTP response.
This method must be implemented by subclasses: it takes a request argument (the current HTTP request) and a
get_response proc that allows to get the final response. This proc might actually call the next middleware in
the chain of configured middlewares, or the final matched handler. That way, the current middleware have the
ability to intercept any incoming request and the associated response, and to modify them if applicable.