instance method `allow_request_origin?`

Ruby on Rails 5.2.8.1

Since v5.2.8.1 Private

Available in: v5.2.8.1 v6.0.6 v6.1.7.10 v7.0.10 v7.1.6 v7.2.3 v8.0.4 v8.1.2

Compare with:

allow_request_origin?()

No documentation comment.

Source

# File actioncable/lib/action_cable/connection/base.rb, line 197
        def allow_request_origin?
          return true if server.config.disable_request_forgery_protection

          proto = Rack::Request.new(env).ssl? ? "https" : "http"
          if server.config.allow_same_origin_as_host && env["HTTP_ORIGIN"] == "#{proto}://#{env['HTTP_HOST']}"
            true
          elsif Array(server.config.allowed_request_origins).any? { |allowed_origin|  allowed_origin === env["HTTP_ORIGIN"] }
            true
          else
            logger.error("Request origin not allowed: #{env['HTTP_ORIGIN']}")
            false
          end
        end

Defined in actioncable/lib/action_cable/connection/base.rb line 197 · View on GitHub · Improve this page · Find usages on GitHub

Defined in ActionCable::Connection::Base

Signature