9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
# File 'lib/sq_auth/sq_auth_integration/sq_auth_rack_protection.rb', line 9
def self.alter_environment options={}
except_host = options[:host]
Rack::Protection::RemoteToken.class_exec(except_host) do |except|
const_set("HOST", except)
alias :old_accepts? :accepts?
def accepts?(env)
form_hash = env["rack.request.form_hash"]||{}
if referrer(env) == HOST && env["REQUEST_METHOD"] == "POST" && form_hash.keys.include?("sqauthsession")
true
else
old_accepts?(env)
end
end
end
end
|