Diffstat (limited to 'srv/src/http/csrf.go')
-rw-r--r--srv/src/http/csrf.go43
1 files changed, 0 insertions, 43 deletions
diff --git a/srv/src/http/csrf.go b/srv/src/http/csrf.go
deleted file mode 100644
index a64e37e..0000000
--- a/srv/src/http/csrf.go
+++ /dev/null
@@ -1,43 +0,0 @@
-package http
-
-import (
- "errors"
- "net"
- "net/http"
- "net/url"
-
- "github.com/mediocregopher/blog.mediocregopher.com/srv/http/apiutil"
-)
-
-func checkCSRF(r *http.Request, publicURL *url.URL) error {
-
- if ipStr, _, err := net.SplitHostPort(r.Host); err == nil {
- if ip := net.ParseIP(ipStr); ip != nil && ip.IsLoopback() {
- return nil
- }
- }
-
- refererURL, err := url.Parse(r.Referer())
- if err != nil {
- return errors.New("invalid Referer")
- }
-
- if refererURL.Scheme != publicURL.Scheme ||
- refererURL.Host != publicURL.Host {
- return errors.New("invalid Referer")
- }
-
- return nil
-}
-
-func (a *api) checkCSRFMiddleware(h http.Handler) http.Handler {
- return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
-
- if err := checkCSRF(r, a.params.PublicURL); err != nil {
- apiutil.BadRequest(rw, r, errors.New("invalid Referer"))
- return
- }
-
- h.ServeHTTP(rw, r)
- })
-}