From f5d240afd0f710a643f38e6e6910128725f2c66b Mon Sep 17 00:00:00 2001
From: whom
Date: Mon, 3 Oct 2022 20:45:37 +0300
Subject: [PATCH] fix TypeError when attack
---
 aiohttp_csrf/policy.py | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/aiohttp_csrf/policy.py b/aiohttp_csrf/policy.py
index c84083a..da4df00 100644
--- a/aiohttp_csrf/policy.py
+++ b/aiohttp_csrf/policy.py
@@ -19,6 +19,8 @@ async def check(self, request, original_value):
 post = post_req.get(self.field_name) if post_req is not None else None
 post = post if post is not None else ''
 token = get if get is not None else post
+ if not original_value:
+ return False
 return compare_digest(token, original_value)
@@ -30,6 +32,8 @@ def __init__(self, header_name):
 async def check(self, request, original_value):
 token = request.headers.get(self.header_name)
+ if not original_value:
+ return False
 return compare_digest(token, original_value)
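Review bot: The request-supplied `token` still goes to `compare_digest` unchecked after the new `original_value` guard in the form-based `check`, so the TypeError this patch targets may remain reachable from the request side. If `compare_digest` is `hmac.compare_digest` (the import is outside the hunk), it raises TypeError for a str containing non-ASCII characters and for any non-str value, and both `get` and `post` are taken from the request. I would widen the guard to `if not original_value or not isinstance(token, str) or not token.isascii(): return False` (`str.isascii` needs Python 3.7+). The start of `check` is outside the hunk, so how `get` is assigned is not visible here; the header-based `check` in the next hunk passes a request value to the comparison in the same way.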
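Review bot: `request.headers.get(self.header_name)` returns None when the header is absent, and the added guard in the header-based `check` tests only `original_value`, so a request without the header while a stored token exists still reaches `compare_digest(None, original_value)`, which presumably raises the same TypeError. The guard should cover both operands and fail closed: `if not token or not original_value: return False`. A short comment such as `# compare_digest raises TypeError on None; reject instead of erroring` would record why the early return is there.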