Module: GoogleSignIn::RedirectProtector

Extended by:: RedirectProtector

Included in:: RedirectProtector

Defined in:: lib/google_sign_in/redirect_protector.rb

Defined Under Namespace

Classes: Violation

Constant Summary collapse

QUALIFIED_URL_PATTERN =

/\A#{URI::DEFAULT_PARSER.make_regexp}\z/

Instance Method Summary collapse

#ensure_same_origin(target, source) ⇒ Object

Instance Method Details

#ensure_same_origin(target, source) ⇒ `Object`

# File 'lib/google_sign_in/redirect_protector.rb', line 11

def ensure_same_origin(target, source)
  unless uri_same_origin?(target, source) || absolute_path?(target)
    raise Violation, "Redirect target #{target.inspect} does not have same origin as request #{source.inspect}"
  end
end