class ActionDispatch::HostAuthorization

def authorized?(request)
  origin_host = request.get_header("HTTP_HOST")
  forwarded_host = request.x_forwarded_host&.split(/,\s?/)&.last
  @permissions.allows?(origin_host) && (forwarded_host.blank? || @permissions.allows?(forwarded_host))
end