diff options
author | Genadi Samokovarov <gsamokovarov@gmail.com> | 2019-01-29 18:47:55 +0200 |
---|---|---|
committer | Genadi Samokovarov <gsamokovarov@gmail.com> | 2019-02-03 10:58:10 +0200 |
commit | ca62dfeede0c5352baf6c65688c71b9cd909c831 (patch) | |
tree | 6f0e9b85ba73f70bfc0b99b41ee2491a0f691ef8 /railties/CHANGELOG.md | |
parent | 8309cd2c68f548987b8447475c7735a19714baaa (diff) | |
download | rails-ca62dfeede0c5352baf6c65688c71b9cd909c831.tar.gz rails-ca62dfeede0c5352baf6c65688c71b9cd909c831.tar.bz2 rails-ca62dfeede0c5352baf6c65688c71b9cd909c831.zip |
Cleanup the whitelisting references after #33145
During the development of #33145, I have named a few concepts in the
code as `whitelisted`. We decided to stay away from the term and I
adjusted most of the code afterwards, but here are the cases I forgot to
change.
I also found a case in the API guide that we could have cleaned up as
well.
[ci skip]
Diffstat (limited to 'railties/CHANGELOG.md')
-rw-r--r-- | railties/CHANGELOG.md | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/railties/CHANGELOG.md b/railties/CHANGELOG.md index e55217c5c4..19f4de8a1d 100644 --- a/railties/CHANGELOG.md +++ b/railties/CHANGELOG.md @@ -75,7 +75,7 @@ In other environments `Rails.application.config.hosts` is empty and no `Host` header checks will be done. If you want to guard against header - attacks on production, you have to manually whitelist the allowed hosts + attacks on production, you have to manually permit the allowed hosts with: Rails.application.config.hosts << "product.com" @@ -88,7 +88,7 @@ # `beta1.product.com`. Rails.application.config.hosts << /.*\.product\.com/ - A special case is supported that allows you to whitelist all sub-domains: + A special case is supported that allows you to permit all sub-domains: # Allow requests from subdomains like `www.product.com` and # `beta1.product.com`. |