mirror of
https://github.com/discourse/discourse.git
synced 2024-11-23 13:03:45 +08:00
af4938baf1
This reverts commit e3de45359f.
We need to improve out strategy by adding a cache breaker with this change ... some assets on CDNs and clients may have incorrect CORS headers which can cause stuff to break.
26 lines
812 B
Ruby
26 lines
812 B
Ruby
# frozen_string_literal: true
|
|
|
|
module Middleware
|
|
class EnforceHostname
|
|
def initialize(app, settings = nil)
|
|
@app = app
|
|
end
|
|
|
|
def call(env)
|
|
# enforces hostname to match the hostname of our connection
|
|
# this middleware lives after rails multisite so at this point
|
|
# Discourse.current_hostname MUST be canonical, enforce it so
|
|
# all Rails helpers are guarenteed to use it unconditionally and
|
|
# never generate incorrect links
|
|
env[Rack::Request::HTTP_X_FORWARDED_HOST] = nil
|
|
|
|
allowed_hostnames = RailsMultisite::ConnectionManagement.current_db_hostnames
|
|
requested_hostname = env[Rack::HTTP_HOST]
|
|
|
|
env[Rack::HTTP_HOST] = allowed_hostnames.find { |h| h == requested_hostname } || Discourse.current_hostname
|
|
|
|
@app.call(env)
|
|
end
|
|
end
|
|
end
|