diff --git a/csrf.go b/csrf.go index 9b8b93e..03b11b3 100644 --- a/csrf.go +++ b/csrf.go @@ -24,6 +24,11 @@ func strictReferrerCheck(r *http.Request, prefix string, whitelistHeaders []stri } referrer := r.Header.Get("Referer") + + if referrer == "" { + return true + } + u, _ := url.Parse(referrer) return sameOrigin(u, p) } diff --git a/templates/400.html b/templates/400.html index 11f3e87..b1d40af 100644 --- a/templates/400.html +++ b/templates/400.html @@ -1,5 +1,7 @@ {% extends "base.html" %} {% block content %} -400 Bad Request +