From 6c911407f04f623ad6650afbf1a78f0c4ba60b8b Mon Sep 17 00:00:00 2001
From: Konstantin Haase <konstantin.mailinglists@googlemail.com>
Date: Mon, 29 Oct 2012 18:51:27 +0100
Subject: [PATCH] make allowed_targets an option

---
 Gemfile.lock                                 |  2 +-
 lib/travis/api/app/endpoint/authorization.rb | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 5f8e6871..f6d754b1 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -62,7 +62,7 @@ GIT
 
 GIT
   remote: git://github.com/travis-ci/travis-support.git
-  revision: a350d17b705e3240ff4eae7973266ba36549acaa
+  revision: f78d9161369f574f12b9c0c0dbfe13b997766bdd
   specs:
     travis-support (0.0.1)
 
diff --git a/lib/travis/api/app/endpoint/authorization.rb b/lib/travis/api/app/endpoint/authorization.rb
index 3ab4e157..4851749b 100644
--- a/lib/travis/api/app/endpoint/authorization.rb
+++ b/lib/travis/api/app/endpoint/authorization.rb
@@ -39,8 +39,11 @@ class Travis::Api::App
     #
     # The entry point is [/auth/post_message](#/auth/post_message).
     class Authorization < Endpoint
-      set prefix: '/auth'
       enable :inline_templates
+      set prefix: '/auth', allowed_targets: %r{
+        ^ http://   (localhost|127\.0\.0\.1)(:\d+)?  $ |
+        ^ https://  ([\w\-_]+\.)?travis-ci\.(org|com) $
+      }x
 
       # Endpoint for retrieving an authorization code, which in turn can be used
       # to generate an access token.
@@ -222,10 +225,7 @@ class Travis::Api::App
         end
 
         def target_ok?(target_origin)
-          target_origin =~ %r{
-            ^ http://   (localhost|127\.0\.0\.1)(:\d+)?  $ |
-            ^ https://  ([\w\-_]+\.)?travis-ci\.(org|com) $
-          }x
+          target_origin =~ settings.allowed_targets
         end
     end
   end