class PactBroker::UI::Controllers::Base

Public Instance Methods

base_url() click to toggle source
# File lib/pact_broker/ui/controllers/base_controller.rb, line 14
def base_url
  # Using the X-Forwarded headers in the UI can leave the app vulnerable
  # https://www.acunetix.com/blog/articles/automated-detection-of-host-header-attacks/
  # Either use the explicitly configured base url or an empty string,
  # rather than request.base_url, which uses the X-Forwarded headers.
  env["pactbroker.base_url"] || ""
end