From 5d8fbc6ca1d9fa9571ffdd9037e2840a368ec46c Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <edolstra@gmail.com>
Date: Fri, 21 Oct 2016 17:56:34 +0200
Subject: [PATCH] Fix referer check

---
 src/lib/Hydra/Controller/Root.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lib/Hydra/Controller/Root.pm b/src/lib/Hydra/Controller/Root.pm
index 6353abf1..f64260ed 100644
--- a/src/lib/Hydra/Controller/Root.pm
+++ b/src/lib/Hydra/Controller/Root.pm
@@ -66,7 +66,7 @@ sub begin :Private {
         $referer //= $c->req->header('Referer');
         my $base = $c->req->base;
         error($c, "POST requests should come from ‘$base’")
-            unless defined $referer && $referer eq $base;
+            unless defined $referer && substr($referer, 0, length $base) eq $base;
     }
 
     $c->forward('deserialize');