# Set list of host that can interact with your app

require "sinatra/base"

class ExampleApp < Sinatra::Base
  # disable it for all environments
  set :host_authorization, { permitted_hosts: [] }

  # or... 

  # disable it only for development
  configure :development do
    set :host_authorization, { permitted_hosts: [] }
  end

  # but enable it for production for some domains
  configure :production do
    set :host_authorization, { permitted_hosts: [".example.com"] }
  end

  get("/") { "OK" }
end