MCPcopy Index your code
hub / github.com/google/adk-python / _is_request_origin_allowed

Function _is_request_origin_allowed

src/google/adk/cli/api_server.py:197–213  ·  view source on GitHub ↗

Validate an Origin header against explicit config or same-origin.

(
    origin: str,
    scope: dict[str, Any],
    allowed_literal_origins: list[str],
    allowed_origin_regex: Optional[re.Pattern[str]],
    has_configured_allowed_origins: bool,
)

Source from the content-addressed store, hash-verified

195
196
197def _is_request_origin_allowed(
198 origin: str,
199 scope: dict[str, Any],
200 allowed_literal_origins: list[str],
201 allowed_origin_regex: Optional[re.Pattern[str]],
202 has_configured_allowed_origins: bool,
203) -> bool:
204 """Validate an Origin header against explicit config or same-origin."""
205 if has_configured_allowed_origins and _is_origin_allowed(
206 origin, allowed_literal_origins, allowed_origin_regex
207 ):
208 return True
209
210 request_origin = _get_request_origin(scope)
211 if request_origin is None:
212 return False
213 return origin == request_origin
214
215
216_SAFE_HTTP_METHODS = frozenset({"GET", "HEAD", "OPTIONS"})

Callers 2

__call__Method · 0.85
run_agent_liveMethod · 0.85

Calls 2

_is_origin_allowedFunction · 0.85
_get_request_originFunction · 0.85

Tested by

no test coverage detected