123456789_123456789_123456789_123456789_123456789_

Class: ActionDispatch::HostAuthorization::Permissions

Do not use. This class is for internal use only.
Relationships & Source Files
Inherits: Object
Defined in: actionpack/lib/action_dispatch/middleware/host_authorization.rb

Class Method Summary

Instance Attribute Summary

Instance Method Summary

Constructor Details

.new(hosts) ⇒ Permissions

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/middleware/host_authorization.rb', line 36

def initialize(hosts)
  @hosts = sanitize_hosts(hosts)
end

Instance Attribute Details

#empty?Boolean (readonly)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/middleware/host_authorization.rb', line 40

def empty?
  @hosts.empty?
end

Instance Method Details

#allows?(host) ⇒ Boolean

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/middleware/host_authorization.rb', line 44

def allows?(host)
  @hosts.any? do |allowed|
    if allowed.is_a?(IPAddr)
      begin
        allowed === extract_hostname(host)
      rescue
        # IPAddr#=== raises an error if you give it a hostname instead of IP. Treat
        # similar errors as blocked access.
        false
      end
    else
      allowed === host
    end
  end
end

#extract_hostname(host) (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/middleware/host_authorization.rb', line 83

def extract_hostname(host)
  host.slice(VALID_IP_HOSTNAME, "host") || host
end

#sanitize_hosts(hosts) (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/middleware/host_authorization.rb', line 61

def sanitize_hosts(hosts)
  Array(hosts).map do |host|
    case host
    when Regexp then sanitize_regexp(host)
    when String then sanitize_string(host)
    else host
    end
  end
end

#sanitize_regexp(host) (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/middleware/host_authorization.rb', line 71

def sanitize_regexp(host)
  /\A#{host}#{PORT_REGEX}?\z/
end

#sanitize_string(host) (private)

[ GitHub ]

  
# File 'actionpack/lib/action_dispatch/middleware/host_authorization.rb', line 75

def sanitize_string(host)
  if host.start_with?(".")
    /\A#{SUBDOMAIN_REGEX}?#{Regexp.escape(host[1..-1])}#{PORT_REGEX}?\z/i
  else
    /\A#{Regexp.escape host}#{PORT_REGEX}?\z/i
  end
end