From c81d2f53c5b82a5f5eb75daf60ff72eae24b780c Mon Sep 17 00:00:00 2001
From: Ryan Petrello <rpetrell@redhat.com>
Date: Tue, 24 Jul 2018 15:06:42 -0400
Subject: [PATCH] slightly refactor origin validity checks

---
 awx/main/consumers.py | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/awx/main/consumers.py b/awx/main/consumers.py
index 2a4855a92e..66b2d0c4dd 100644
--- a/awx/main/consumers.py
+++ b/awx/main/consumers.py
@@ -27,7 +27,8 @@ def origin_is_valid(message, trusted_values):
             client = urlparse(origin)
             trusted = urlparse(trusted)
         except (AttributeError, ValueError):
-            # if we can't parse the origin header, fall back to the else block
+            # if we can't parse a hostname, consider it invalid and try the
+            # next one
             pass
         else:
             # if we _can_ parse the origin header, verify that it's trusted
@@ -36,15 +37,13 @@ def origin_is_valid(message, trusted_values):
                 is_same_domain(client.netloc, trusted.netloc)
             ):
                 # the provided Origin matches at least _one_ whitelisted host,
-                # break out and accept the connection
-                break
-    else:
-        logger.error((
-            "ws:// origin header mismatch {} not in {}; consider adding {} to "
-            "settings.WEBSOCKET_ORIGIN_WHITELIST if it's a trusted host."
-        ).format(origin, trusted_values, origin))
-        return False
-    return True
+                # return True
+                return True
+    logger.error((
+        "ws:// origin header mismatch {} not in {}; consider adding {} to "
+        "settings.WEBSOCKET_ORIGIN_WHITELIST if it's a trusted host."
+    ).format(origin, trusted_values, origin))
+    return False