b839b2be31
Therefore, only raise Forbidden if Origin (or Referer for MSIE) is sent (which is a protected header and all modern browsers (except IE)). Also add a basic unit test which asserts the failure for false origins. |
||
---|---|---|
.. | ||
fixtures.py | ||
test_comments.py | ||
test_cors.py | ||
test_guard.py | ||
test_vote.py |