@ -24,6 +24,11 @@ func strictReferrerCheck(r *http.Request, prefix string, whitelistHeaders []stri
}
referrer := r.Header.Get("Referer")
if referrer == "" {
return true
u, _ := url.Parse(referrer)
return sameOrigin(u, p)
@ -1,5 +1,7 @@
{% extends "base.html" %}
{% block content %}
<div id="main">
400 Bad Request
</div>
{% endblock %}
401 Unauthorized