From 1f5db0aa242d4de26aeb79b78d146b7f2a5ba7f3 Mon Sep 17 00:00:00 2001
From: shortcutme
Date: Wed, 4 Oct 2017 12:41:14 +0200
Subject: [PATCH] Nonce checking moved to route command
---
 src/Ui/UiRequest.py | 5 -----
 1 file changed, 5 deletions(-)
diff --git a/src/Ui/UiRequest.py b/src/Ui/UiRequest.py
index 73fd5cda..87db17fc 100644
--- a/src/Ui/UiRequest.py
+++ b/src/Ui/UiRequest.py
@@ -445,11 +445,6 @@ class UiRequest(object):
 # Check wrapper nonce
 content_type = self.getContentType(path_parts["inner_path"])
- if "htm" in content_type and not header_noscript: # Valid nonce must present to render html files
- wrapper_nonce = self.get.get("wrapper_nonce")
- if wrapper_nonce not in self.server.wrapper_nonces:
- return self.error403("Wrapper nonce error. Please reload the page.")
- self.server.wrapper_nonces.remove(self.get["wrapper_nonce"])
 else:
 referer = self.env.get("HTTP_REFERER")
 if referer and path_parts: # Only allow same site to receive media
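Review bot: The `else:` kept as context now directly follows `content_type = self.getContentType(...)`, because the `if "htm" in content_type and not header_noscript:` it belonged to is deleted; indentation is lost in this view, but as shown the branch is orphaned (a SyntaxError, or a silent re-attachment to an earlier `if` outside the hunk). To keep the referer check on the same requests as before, replace `else:` with `if "htm" not in content_type or header_noscript:`, and update the now stale `# Check wrapper nonce` comment. The relocated check is not part of this patch (1 file changed, 5 deletions), so it should be confirmed that the route command still rejects a missing nonce, consumes each nonce only once, and keeps the `header_noscript` exemption before HTML is served from here. The enclosing method starts and ends outside the hunk.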