On Wed, Jan 15, 2014 at 10:28 AM, Peter Wu <lekenst...@gmail.com> wrote: > While the referrer part may not be that easily spoofable
Note that as of b826537 we no longer rely on the referer and instead use a hidden html form with a secured value. This also doubles as CSRF protection. _______________________________________________ CGit mailing list CGit@lists.zx2c4.com http://lists.zx2c4.com/mailman/listinfo/cgit