bool isRequestOriginAllowed(HttpRequest request)

Whether or not this policy allows the Origin of the request.

Will return true if allowedOrigins contains the case-sensitive Origin of the request, or that allowedOrigins contains *. This method is invoked internally by RequestControllers that have a RequestController.policy.

Source

bool isRequestOriginAllowed(HttpRequest request) {
  if (allowedOrigins.contains("*")) {
    return true;
  }

  var origin = request.headers.value("origin");
  if (allowedOrigins.contains(origin)) {
    return true;
  }

  return false;
}