From f023a7a672e572894e06383d2addb0f6b6b3ca79 Mon Sep 17 00:00:00 2001
From: single-right-quote
 <34298117+single-right-quote@users.noreply.github.com>
Date: Wed, 1 Sep 2021 00:19:01 +0000
Subject: [PATCH] Allow access to the instance through subdomains of
 glitch.cat.family

Rails 6 forces you to whitelist what domain names an application
may be accessed from. while it is possible to supply a regular
expression, it is not clear how to do this when mastodon parses the
environment variable you supply the regex from. meanwhile, disabling
whitelisting entirely DOES work

this is theoretically less secure; if we can find a way to supply a
regex, that would be preferable.

	--- yr cat
---
 config/initializers/1_hosts.rb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/config/initializers/1_hosts.rb b/config/initializers/1_hosts.rb
index 6ff0845c4..cbb1c3dee 100644
--- a/config/initializers/1_hosts.rb
+++ b/config/initializers/1_hosts.rb
@@ -32,5 +32,10 @@ Rails.application.configure do
     config.hosts << web_host if web_host.present?
     config.hosts.concat(alternate_domains) if alternate_domains.present?
     config.host_authorization = { exclude: ->(request) { request.path == '/health' } }
+
+    # actually, don't whitelist at all
+    # it may be possible to use regexes in ALTERNATE_DOMAINS but it seems not to work
+    #     ---yr cat
+    config.hosts.clear
   end
 end
-- 
2.47.3