Drop-in Rails engine that patches link_to to block dangerous protocols (javascript:, data:, vbscript:) and provides a URL validator to prevent SSRF via private/local IP resolution.
Required Ruby Version
>= 3.1
Authors
mfo
Drop-in Rails engine that patches link_to to block dangerous protocols (javascript:, data:, vbscript:) and provides a URL validator to prevent SSRF via private/local IP resolution.
>= 3.1
mfo