config: don't hardcode safebooru donmain.

app/logical/session_loader.rb

@@ -176,7 +176,7 @@ class SessionLoader
   end
 
   def set_safe_mode
-    safe_mode = request.host.match?(/safebooru/i) || params[:safe_mode].to_s.truthy? || CurrentUser.user.enable_safe_mode?
+    safe_mode = request.host.in?(Danbooru.config.safe_mode_hostnames) || params[:safe_mode].to_s.truthy? || CurrentUser.user.enable_safe_mode?
     CurrentUser.safe_mode = safe_mode
   end
 

config/danbooru_default_config.rb

@@ -66,6 +66,11 @@ module Danbooru
       Socket.gethostname
     end
 
+    # A list of alternate hostnames where safe mode will automatically be enabled.
+    def safe_mode_hostnames
+      ["safebooru.donmai.us"]
+    end
+
     # The URL of your site, e.g. https://danbooru.donmai.us.
     #
     # If you support HTTPS, change this to "https://www.mybooru.com". If you set

test/unit/session_loader_test.rb

@@ -23,8 +23,8 @@ class SessionLoaderTest < ActiveSupport::TestCase
     end
 
     context ".safe_mode?" do
-      should "return true if the host contains the string safebooru" do
+      should "return true if the hostname is safebooru.donmai.us" do
-        @request.stubs(:host).returns("safebooru")
+        @request.stubs(:host).returns("safebooru.donmai.us")
         SessionLoader.new(@request).load
 
         assert_equal(true, CurrentUser.safe_mode?)