The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame> or <iframe>

A kind of Rack-Rscript web server which facilitates static files, cookie based authentication, and private pages.

Like rack-attack, but for GraphQL. This is under development.

A page in your app for pre-built queries

A tiny zero-config Rack App to serve static files

Rack-based minimal request router

middleware reporting requests to Ackee, self-hosted analytics tool for those who care about privacy. Alternative to using the client-side JS tracker.

Verifies JWT signature, validates claims (expiration, issuer), and handles public key retrieval to ensure requests are securely authenticated by an external SSO provider.

Monitoring and logging Content-Length.

Implement secure API request igning.

simple logger that outputs params, session, and cookies in fancy colors.

Ignores X-Forwarded-Host header to prevent malicious redirects

Health Check Middleware for Rails and Rack-based Applications

Authenticates signed server requests from a MicroService and resolves the MicroService.

HTTP_ACCEPT_LANGUAGE parser

The goal of this gem is to avoid depending on potentially forgeable headers down the line by configuring the deploy target properly. Forks https://github.com/pusher/rack-headers_filter to allow more configuration options when initializing the headers. Personally disagree with th...

Can be used e.g. to set CORS headers or selective caching of resources

Proxy that translates strings

Adds an X-Version header to each response set to an arbitrary version string read from a file.

Now you don't have to worry about bugs in your javascript code anymore!