Replace origin_permitted with permitted_origins

2023-03-27 23:18:01 -04:00 · 2020-07-11 18:29:05 +02:00 · 2020-07-11 18:29:05 +02:00 · 472b61045d
commit 472b61045d
parent 166da3084d
2 changed files with 4 additions and 4 deletions
--- a/rack-protection/lib/rack/protection/http_origin.rb
+++ b/rack-protection/lib/rack/protection/http_origin.rb
@ -11,9 +11,9 @@ module Rack
    # Does not accept unsafe HTTP requests when value of Origin HTTP request header
    # does not match default or permitted URIs.
    #
-    # If you want to permit a specific domain, you can pass in as the `:origin_permitted` option:
+    # If you want to permit a specific domain, you can pass in as the `:permitted_origins` option:
    #
-    #     use Rack::Protection, origin_permitted: ["http://localhost:3000", "http://127.0.01:3000"]
+    #     use Rack::Protection, permitted_origins: ["http://localhost:3000", "http://127.0.01:3000"]
    #
    # The `:allow_if` option can also be set to a proc to use custom allow/deny logic.
    class HttpOrigin < Base
@ -38,7 +38,7 @@ module Rack
            "use origin_whitelist instead.\n"
        end

-        permitted_origins = options[:origin_permitted] || options[:origin_whitelist]
+        permitted_origins = options[:permitted_origins] || options[:origin_whitelist]
        Array(permitted_origins).include? origin
      end

--- a/rack-protection/spec/lib/rack/protection/http_origin_spec.rb
+++ b/rack-protection/spec/lib/rack/protection/http_origin_spec.rb
@ -37,7 +37,7 @@ describe Rack::Protection::HttpOrigin do

    it "accepts #{method} requests with whitelisted Origin" do
      mock_app do
-        use Rack::Protection::HttpOrigin, :origin_permitted => ['http://www.friend.com']
+        use Rack::Protection::HttpOrigin, :permitted_origins => ['http://www.friend.com']
        run DummyApp
      end
      expect(send(method.downcase, '/', {}, 'HTTP_ORIGIN' => 'http://www.friend.com')).to be_ok