mirror of https://github.com/rails/rails
fix: correct config.host_authorization reference
The Middleware `ActionDispatch::HostAuthorization` configuration documentation references `config.host_configuration`. Correct this to `config.host_authorization` to match the source code documentation in `action_dispatch/middleware/host_authorization.rb`.
This commit is contained in:
parent
8f39fbe18a
commit
ef291097fc
|
@ -507,21 +507,21 @@ Rails.application.config.hosts << ".product.com"
|
|||
```
|
||||
|
||||
You can exclude certain requests from Host Authorization checks by setting
|
||||
`config.host_configuration.exclude`:
|
||||
`config.host_authorization.exclude`:
|
||||
|
||||
```ruby
|
||||
# Exclude requests for the /healthcheck/ path from host checking
|
||||
Rails.application.config.host_configuration = {
|
||||
Rails.application.config.host_authorization = {
|
||||
exclude: ->(request) { request.path =~ /healthcheck/ }
|
||||
}
|
||||
```
|
||||
|
||||
When a request comes to an unauthorized host, a default Rack application
|
||||
will run and respond with `403 Forbidden`. This can be customized by setting
|
||||
`config.host_configuration.response_app`. For example:
|
||||
`config.host_authorization.response_app`. For example:
|
||||
|
||||
```ruby
|
||||
Rails.application.config.host_configuration = {
|
||||
Rails.application.config.host_authorization = {
|
||||
response_app: -> env do
|
||||
[400, { "Content-Type" => "text/plain" }, ["Bad Request"]]
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue