From 11e794d47726eb8c83345ce6b5dac7fe5168812e Mon Sep 17 00:00:00 2001
From: "burke.davey" <burke.davey@dad15e60-07c4-0504-eb71-dc8a1c21358d>
Date: Thu, 17 Jun 2010 22:44:43 +0000
Subject: [PATCH] Turn on XSRF for Firefox

---
 .../google/android/chrometophone/server/SendServlet.java   | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/appengine/src/com/google/android/chrometophone/server/SendServlet.java b/appengine/src/com/google/android/chrometophone/server/SendServlet.java
index bbeacce..6cb4581 100644
--- a/appengine/src/com/google/android/chrometophone/server/SendServlet.java
+++ b/appengine/src/com/google/android/chrometophone/server/SendServlet.java
@@ -52,12 +52,9 @@ public class SendServlet extends HttpServlet {
         resp.setContentType("text/plain");
 
         // Basic XSRF protection
-        if (req.getHeader("X-Extension") == null &&
-                req.getHeader("User-Agent").indexOf("Firefox") == -1) {  // TODO: Remove exception for Firefox
+        if (req.getHeader("X-Extension") == null) {
             resp.setStatus(400);
-            resp.getWriter().println(ERROR_STATUS + " You are using an old version of the extension that is no " +
-                    "longer supported. Please install v0.2 or later of the extension " +
-                    "from http://code.google.com/p/chrometophone.");
+            resp.getWriter().println(ERROR_STATUS + " - Please upgrade your extension");
             log.warning("Missing X-Extension header");
             resp.setStatus(400);
             return;