class ActionDispatch::HostAuthorization

def blocked_hosts(request)

def blocked_hosts(request)
  hosts = []
  origin_host = request.get_header("HTTP_HOST")
  hosts << origin_host unless @permissions.allows?(origin_host)
  forwarded_host = request.x_forwarded_host&.split(/,\s?/)&.last
  hosts << forwarded_host unless forwarded_host.blank? || @permissions.allows?(forwarded_host)
  hosts
end

Instance Methods