Class: PactBroker::UI::Controllers::Base
- Inherits:
-
Padrino::Application
- Object
- Padrino::Application
- PactBroker::UI::Controllers::Base
- Defined in:
- lib/pact_broker/ui/controllers/base_controller.rb
Instance Method Summary collapse
Instance Method Details
#base_url ⇒ Object
18 19 20 21 22 23 24 |
# File 'lib/pact_broker/ui/controllers/base_controller.rb', line 18 def base_url # Using the X-Forwarded headers in the UI can leave the app vulnerable # https://www.acunetix.com/blog/articles/automated-detection-of-host-header-attacks/ # Either use the explicitly configured base url or an empty string, # rather than request.base_url, which uses the X-Forwarded headers. env["pactbroker.base_url"] || "" end |