method

authorized?

v6.1.3.1 - Show latest stable - Class: ActionDispatch::HostAuthorization

authorized?(request)

private

No documentation available.

# File actionpack/lib/action_dispatch/middleware/host_authorization.rb, line 105
      def authorized?(request)
        valid_host = /
          \A
          (?<host>[a-z0-9.-]+|\[[a-f0-9]*:[a-f0-9.:]+\])
          (:\d+)?
          \z
        /

        origin_host = valid_host.match(
          request.get_header("HTTP_HOST").to_s.downcase)
        forwarded_host = valid_host.match(
          request.x_forwarded_host.to_s.split(/,\s?/).last)

        origin_host && @permissions.allows?(origin_host[:host]) && (
          forwarded_host.nil? || @permissions.allows?(forwarded_host[:host]))
      end

authorized?

Related methods