isso/specs
Martin Zimmermann b839b2be31 HTTP Origin is only sent on cross-origin requests in Firefox
Therefore, only raise Forbidden if Origin (or Referer for MSIE) is sent
(which is a protected header and all modern browsers (except IE)).

Also add a basic unit test which asserts the failure for false origins.
2013-12-04 17:09:22 +01:00
..
fixtures.py HTTP Origin is only sent on cross-origin requests in Firefox 2013-12-04 17:09:22 +01:00
test_comments.py HTTP Origin is only sent on cross-origin requests in Firefox 2013-12-04 17:09:22 +01:00
test_cors.py fix unittest 2013-11-17 11:57:48 +01:00
test_guard.py fix unittest for werkzeug==0.8 2013-11-18 12:40:27 +01:00
test_vote.py add unittest for spam guard 2013-11-13 20:43:00 +01:00