我是Ruby和Sinatra的新手,我想知道如何才能实现这一目标。是否可以使用重定向到方法来验证用户是否来自有效的网页?
例如:
get '/show' do
erb :show
redirect '/otherpage'
end
get '/otherpage' do
flash[:message] = "How do I restrict access to this"
erb :otherpage
end
答案 0 :(得分:1)
您可以查看请求的Referer标头,但由于请求标头可能被欺骗,因此它不太可靠:
get 'show' do
# Implement `allowed?` yourself
redirect 'otherpage' if allowed? env['HTTP_REFERER']
erb :show
end
您可以在Cookie中添加签名,以防止Referer标头被欺骗。