Verified Commit b1811686 authored by David Haynes's avatar David Haynes 🙆
Browse files

Remove troublesome check

- causes 500 on prod
- it's pretty stupid anyways, the lazy way out
parent 95fc8208
Pipeline #1523 passed with stages
in 2 minutes and 29 seconds
......@@ -321,7 +321,6 @@ def delete(request, short):
This view deletes a URL if you have the permission to. User must be
logged in and registered, and must also be the owner of the URL.
# Do not allow unapproved users to delete links
if not request.user.registereduser.approved:
return render(request, 'not_registered.html')
......@@ -331,19 +330,6 @@ def delete(request, short):
# If the RegisteredUser is the owner of the URL
if url.owner == request.user.registereduser:
# There are some instances where this request header does not exist, in
# this case we fallback to the insecure method
if request.META.get('HTTP_REFERER') is not None:
# Make sure that the requestee is from the same domain (
if request.META.get('HTTP_REFERER') == request.META.get('HTTP_HOST'):
# remove the URL
# redirect to my_links
return redirect('my_links')
raise PermissionDenied()
# Fallback and delete
# remove the URL
# redirect to my_links
......@@ -352,7 +338,6 @@ def delete(request, short):
# do not allow them to delete
raise PermissionDenied()
def signup(request):
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment