isRequestOriginAllowed method Null safety

bool isRequestOriginAllowed(
  1. HttpRequest request

Whether or not this policy allows the Origin of the request.

Will return true if allowedOrigins contains the case-sensitive Origin of the request, or that allowedOrigins contains *. This method is invoked internally by Controllers that have a Controller.policy.


bool isRequestOriginAllowed(HttpRequest request) {
  if (allowedOrigins.contains("*")) {
    return true;

  var origin = request.headers.value("origin");
  if (allowedOrigins.contains(origin)) {
    return true;

  return false;