diff options
author | Milo Casagrande <milo.casagrande@linaro.org> | 2014-07-25 11:15:07 +0200 |
---|---|---|
committer | Milo Casagrande <milo.casagrande@linaro.org> | 2014-07-25 11:15:07 +0200 |
commit | dcfd06be321cdd867287ae64966ff2c96543a3cc (patch) | |
tree | 80110cb705413afb0525ad74395df4e84b03b3c3 /app/handlers/base.py | |
parent | dc0deb89c1c56b2ba9bf5491811678624a78e89b (diff) |
Protect POST method.
* Remove check on old header.
* Fix tests.
Change-Id: Ib706e57dca0669f6c611518a6379ce24f2e527b8
Diffstat (limited to 'app/handlers/base.py')
-rw-r--r-- | app/handlers/base.py | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/app/handlers/base.py b/app/handlers/base.py index 1e64738..934675a 100644 --- a/app/handlers/base.py +++ b/app/handlers/base.py @@ -198,6 +198,7 @@ class BaseHandler(RequestHandler): return valid_content + @protected @asynchronous def post(self, *args, **kwargs): @@ -224,11 +225,8 @@ class BaseHandler(RequestHandler): """ return_code = 200 - if self._has_xsrf_header(): - if not self._has_valid_content_type(): - return_code = 415 - else: - return_code = 403 + if not self._has_valid_content_type(): + return_code = 415 return return_code |