If you’re upgrading to Rails 6 you may find the following error in your browser:
To allow requests to hostname, add the following to your environment configuration: config.hosts << "hostname"
You ran into Host Authorization, new middleware included in Rails to prevent against DNS rebinding attacks.
By default this feature allows requests from
localhost. There are basically two ways to work around this.
The first option is to whitelist the development hostname in
Rails.application.configure do # Whitelist one hostname config.hosts << "hostname" # Whitelist a test domain. Rails adds \A and \z around # your regular expressions. config.hosts << /application\.local/ end
The second option is to clear the entire whitelist, which lets through requests for all hostnames.
Rails.application.configure do config.hosts.clear end
Never whitelist everything in production as it essentially turns off the feature.