From 5556fd88bd7fcc78aaa861dad9e71b4945d9629b Mon Sep 17 00:00:00 2001
From: Chad Whitacre <chad@zetaweb.com>
Date: Fri, 29 Jun 2012 12:52:26 -0400
Subject: [PATCH] Attempt to fix regression with tip button (#91)

In porting crsf.py from Django I neglected to clean up an API call for
accessing the Referer header.
---
 gittip/csrf.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gittip/csrf.py b/gittip/csrf.py
index adea9bb72c..c3afdb2493 100644
--- a/gittip/csrf.py
+++ b/gittip/csrf.py
@@ -117,7 +117,7 @@ def inbound(request):
             # Barth et al. found that the Referer header is missing for
             # same-domain requests in only about 0.2% of cases or less, so
             # we can use strict Referer checking.
-            referer = request.headers.get('HTTP_REFERER')
+            referer = request.headers.get('Referer')
             if referer is None:
                 raise Response(403, REASON_NO_REFERER)