class Rack::Protection::HttpOrigin

def accepts?(env)

def accepts?(env)
  return true if safe? env
  return true unless origin = env['HTTP_ORIGIN']
  return true if base_url(env) == origin
  return true if options[:allow_if] && options[:allow_if].call(env)
  if options.key? :origin_whitelist
    warn env, "Rack::Protection origin_whitelist option is deprecated and will be removed, " \
      "use permitted_origins instead.\n"
  end
  permitted_origins = options[:permitted_origins] || options[:origin_whitelist]
  Array(permitted_origins).include? origin
end

Instance Methods

# accepts?
# base_url

Modules

Classes

class Rack::Protection::HttpOrigin

def accepts?(env)

Instance Methods