发表新帖
发表新帖

Upgraded Rails to 6, getting Blocked host Error

后端 未结
关注
6 1597
闹比i
闹比i 2021-02-03 19:41

I needed the new function in ActiveStorage to resize_to_fill so I upgraded to Ruby 2.5.1 and Rails 6.

ruby \'2.5.1\'

gem \"rails\", github: \"rails/rails\"
相关标签:
6条回答
  • 清酒与你
    2021-02-03 20:20

    The Blocked Host is a new feature of Rails 6. You can add this pattern to your config/environments/development.rb to have no worries of that in case of dynamic urls

    config.hosts << /[a-z0-9]+\.c9users\.io/

    Also for ngrok user, just replace above c9users by ngrok

    Source: https://github.com/MikeRogers0/puma-ngrok-tunnel

    0 讨论(0)
  • 清酒与你
    2021-02-03 20:21

    This article worked for me:

    1. The first option is to whitelist the hostnames in config/environments/development.rb:

      Rails.application.configure do
  config.hosts << "hostname" # Whitelist one hostname
  config.hosts << /application\.local\Z/ # Whitelist a test domain
end

    2. The second option is to clear the entire whitelist, which lets through requests for all hostnames:

      Rails.application.configure do
  config.hosts.clear
end

    Credit goes to Manfred Stienstra.

    0 讨论(0)
  • 别那么骄傲
    2021-02-03 20:22

    As I said above in my comment, here's what I did. Reposted due to down-votes.

    I added Rails.application.config.hosts << "xxxxxxx-xxxxxxx.c9users.io" to config/application.rb and it fixed my test app fine. Then I did it to my real app and it also worked. The problem is, Devise threw an error as well, which apparently won't be fixed until at least Rails 6 beta. I guess I'm going back to Carrierwave for my image sizing needs until ActiveStorage is more mature.

    0 讨论(0)
  • 感情败类
    2021-02-03 20:30

    If you want to disable this functionality on your development environment, you can set

    config.hosts = nil in config/environments/development.rb.

    0 讨论(0)
  • 春和景丽
    2021-02-03 20:33

    Simple solution:

    Add this line to config/environments/development.rb

    config.hosts << /[a-z0-9]+\.ngrok\.io/

    Restart your rails server and it will work

    0 讨论(0)
  • 轮回少年
    2021-02-03 20:39

    In Rails 6 Action Pack introduced ActionDispatch::HostAuthorization and by default allows only [IPAddr.new(“0.0.0.0/0”), IPAddr.new(“::/0”), “localhost”]

    You can add arrays of RegExp, Proc, IPAddr and String or a single String in the file config/application.rb like this

    class Application < Rails::Application
  config.hosts << "xxxxxxx-xxxxxxx.c9users.io"
  ...
end

    From "https://drivy.engineering/rails-6-unnoticed-features":

    Rails 6 added a new middleware called ActionDispatch::HostAuthorization allowing you to whitelist some hosts for your application and preventing Host header attacks. You can easily configure it with a String, IPAddr, Proc and RegExp (useful when dealing with wildcard domains).

    0 讨论(0)
 看不清?
提交回复
热议问题