From beecc5072eb43147fb6db52ff073a890491d1fe7 Mon Sep 17 00:00:00 2001
From: astaxie <xiemengjun@gmail.com>
Date: Sun, 22 Sep 2013 14:35:01 +0800
Subject: [PATCH] fix #209

---
 controller.go | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/controller.go b/controller.go
index 1a35ca1b..31f07188 100644
--- a/controller.go
+++ b/controller.go
@@ -335,9 +335,7 @@ func (c *Controller) CheckXsrfCookie() bool {
 	}
 	if token == "" {
 		c.Ctx.Abort(403, "'_xsrf' argument missing from POST")
-	}
-
-	if c._xsrf_token != token {
+	} else if c._xsrf_token != token {
 		c.Ctx.Abort(403, "XSRF cookie does not match POST argument")
 	}
 	return true