-
Hartley McGuire authored
Previously, when a Request had a non-authorized HTTP_HOST but an authorized HTTP_X_FORWARDED_HOST, the HTTP_X_FORWARDED_HOST value would be displayed as the one being blocked. However, this could be confusing for users since that value would already be added to `config.hosts`. This commit addresses the issue by tweaking how the blocked host is displayed. Instead of always displaying Request#host (which will return X_FORWARDED_HOST when present whether or not that's the host being blocked), each host being blocked will be displayed on its own. Co-authored-by:Daniel Schlosser <Eusebius1920@users.noreply.github.com>
Hartley McGuire authoredPreviously, when a Request had a non-authorized HTTP_HOST but an authorized HTTP_X_FORWARDED_HOST, the HTTP_X_FORWARDED_HOST value would be displayed as the one being blocked. However, this could be confusing for users since that value would already be added to `config.hosts`. This commit addresses the issue by tweaking how the blocked host is displayed. Instead of always displaying Request#host (which will return X_FORWARDED_HOST when present whether or not that's the host being blocked), each host being blocked will be displayed on its own. Co-authored-by:
Loading