From 09e10ef643f00c6b4c5877438ed50d2a5f199522 Mon Sep 17 00:00:00 2001 From: adamliesko Date: Sat, 5 Dec 2015 22:58:31 +0100 Subject: Allow regexp for a allowed_request_origins array --- lib/action_cable/connection/base.rb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/action_cable/connection/base.rb b/lib/action_cable/connection/base.rb index b93b6a8a50..95af9c2928 100644 --- a/lib/action_cable/connection/base.rb +++ b/lib/action_cable/connection/base.rb @@ -172,7 +172,7 @@ module ActionCable def allow_request_origin? return true if server.config.disable_request_forgery_protection - if Array(server.config.allowed_request_origins).include? env['HTTP_ORIGIN'] + if Array(server.config.allowed_request_origins).any? { |allowed_origin| allowed_origin === env['HTTP_ORIGIN'] } true else logger.error("Request origin not allowed: #{env['HTTP_ORIGIN']}") @@ -180,6 +180,11 @@ module ActionCable end end + def allowed_origins_match? origin + allowed_origins = Array(server.config.allowed_request_origins) + allowed_origins.any? { |allowed_origin| allowed_origin.is_a?(Regexp) ? allowed_origin =~ origin : allowed_origin == origin } + end + def respond_to_successful_request websocket.rack_response end -- cgit v1.2.3 From 1c6fb5e3975a96e70684965ca47291206caab6c3 Mon Sep 17 00:00:00 2001 From: adamliesko Date: Sun, 13 Dec 2015 12:47:08 +0100 Subject: Remove unused method allowed_origins in Connection::Base --- lib/action_cable/connection/base.rb | 5 ----- 1 file changed, 5 deletions(-) (limited to 'lib') diff --git a/lib/action_cable/connection/base.rb b/lib/action_cable/connection/base.rb index 95af9c2928..7e9eec7508 100644 --- a/lib/action_cable/connection/base.rb +++ b/lib/action_cable/connection/base.rb @@ -180,11 +180,6 @@ module ActionCable end end - def allowed_origins_match? origin - allowed_origins = Array(server.config.allowed_request_origins) - allowed_origins.any? { |allowed_origin| allowed_origin.is_a?(Regexp) ? allowed_origin =~ origin : allowed_origin == origin } - end - def respond_to_successful_request websocket.rack_response end -- cgit v1.2.3