From 09e10ef643f00c6b4c5877438ed50d2a5f199522 Mon Sep 17 00:00:00 2001
From: adamliesko <adamliesko@gmail.com>
Date: Sat, 5 Dec 2015 22:58:31 +0100
Subject: Allow regexp for a allowed_request_origins array

---
 lib/action_cable/connection/base.rb | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'lib')

diff --git a/lib/action_cable/connection/base.rb b/lib/action_cable/connection/base.rb
index b93b6a8a50..95af9c2928 100644
--- a/lib/action_cable/connection/base.rb
+++ b/lib/action_cable/connection/base.rb
@@ -172,7 +172,7 @@ module ActionCable
         def allow_request_origin?
           return true if server.config.disable_request_forgery_protection
 
-          if Array(server.config.allowed_request_origins).include? env['HTTP_ORIGIN']
+          if Array(server.config.allowed_request_origins).any? { |allowed_origin|  allowed_origin === env['HTTP_ORIGIN'] }
             true
           else
             logger.error("Request origin not allowed: #{env['HTTP_ORIGIN']}")
@@ -180,6 +180,11 @@ module ActionCable
           end
         end
 
+        def allowed_origins_match? origin
+          allowed_origins = Array(server.config.allowed_request_origins)
+          allowed_origins.any? { |allowed_origin| allowed_origin.is_a?(Regexp) ? allowed_origin =~ origin : allowed_origin == origin }
+        end
+
         def respond_to_successful_request
           websocket.rack_response
         end
-- 
cgit v1.2.3


From 1c6fb5e3975a96e70684965ca47291206caab6c3 Mon Sep 17 00:00:00 2001
From: adamliesko <adamliesko@gmail.com>
Date: Sun, 13 Dec 2015 12:47:08 +0100
Subject: Remove unused method allowed_origins in Connection::Base

---
 lib/action_cable/connection/base.rb | 5 -----
 1 file changed, 5 deletions(-)

(limited to 'lib')

diff --git a/lib/action_cable/connection/base.rb b/lib/action_cable/connection/base.rb
index 95af9c2928..7e9eec7508 100644
--- a/lib/action_cable/connection/base.rb
+++ b/lib/action_cable/connection/base.rb
@@ -180,11 +180,6 @@ module ActionCable
           end
         end
 
-        def allowed_origins_match? origin
-          allowed_origins = Array(server.config.allowed_request_origins)
-          allowed_origins.any? { |allowed_origin| allowed_origin.is_a?(Regexp) ? allowed_origin =~ origin : allowed_origin == origin }
-        end
-
         def respond_to_successful_request
           websocket.rack_response
         end
-- 
cgit v1.2.3