parent
d6ccbeedbd
commit
ef711ce845
|
@ -66,6 +66,8 @@ sub begin :Private {
|
||||||
my $referer = $c->req->header('Origin');
|
my $referer = $c->req->header('Origin');
|
||||||
$referer //= $c->req->header('Referer');
|
$referer //= $c->req->header('Referer');
|
||||||
my $base = $c->req->base;
|
my $base = $c->req->base;
|
||||||
|
die unless $base =~ /\/$/;
|
||||||
|
$referer .= "/";
|
||||||
error($c, "POST requests should come from ‘$base’.")
|
error($c, "POST requests should come from ‘$base’.")
|
||||||
unless defined $referer && substr($referer, 0, length $base) eq $base;
|
unless defined $referer && substr($referer, 0, length $base) eq $base;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue