diff options
| author | David Heinemeier Hansson <david@loudthinking.com> | 2015-12-11 17:21:13 +0100 |
|---|---|---|
| committer | David Heinemeier Hansson <david@loudthinking.com> | 2015-12-11 17:21:13 +0100 |
| commit | 2b4aa9a173eeda96a8d827c5bdd9ad8e41e6abf1 (patch) | |
| tree | 06995a581fcdaaeb1b4ecd3ace55eee8423b57cf | |
| parent | 0e283fed20ce7a25ddb0e8993d50c0e16e78d30d (diff) | |
| parent | e17b65e46b725d222032473dddbb308565790f45 (diff) | |
| download | rails-2b4aa9a173eeda96a8d827c5bdd9ad8e41e6abf1.tar.gz rails-2b4aa9a173eeda96a8d827c5bdd9ad8e41e6abf1.tar.bz2 rails-2b4aa9a173eeda96a8d827c5bdd9ad8e41e6abf1.zip | |
Merge pull request #126 from mikecarroll/add_allowed_request_origins_to_readme
README.md instructions for configuring allowed request origins
| -rw-r--r-- | README.md | 27 |
1 files changed, 24 insertions, 3 deletions
@@ -274,8 +274,11 @@ See the [rails/actioncable-examples](http://github.com/rails/actioncable-example ## Configuration -The only must-configure part of Action Cable is the Redis connection. By default, `ActionCable::Server::Base` will look for a configuration -file in `Rails.root.join('config/redis/cable.yml')`. The file must follow the following format: +Action Cable has two required configurations: the Redis connection and specifying allowed request origins. + +### Redis + +By default, `ActionCable::Server::Base` will look for a configuration file in `Rails.root.join('config/redis/cable.yml')`. The file must follow the following format: ```yaml production: &production @@ -299,6 +302,24 @@ a Rails initializer with something like: ActionCable.server.config.redis_path = Rails.root('somewhere/else/cable.yml') ``` +### Allowed Request Origins + +Action Cable will only accepting requests from specified origins, which are passed to the server config as an array: + +```ruby +ActionCable.server.config.allowed_request_origins = %w( http://rubyonrails.com ) +``` + +To disable and allow requests from any origin: + +```ruby +ActionCable.server.config.disable_request_forgery_protection = true +``` + +By default, Action Cable allows all requests from localhost:3000 when running in the development environment. + +### Other Configurations + The other common option to configure is the log tags applied to the per-connection logger. Here's close to what we're using in Basecamp: ```ruby @@ -416,4 +437,4 @@ Action Cable is released under the MIT license: Bug reports can be filed for the alpha development project here: -* https://github.com/rails/actioncable/issues +* https://github.com/rails/actioncable/issues
\ No newline at end of file |