diff --git a/lib/headers.php b/lib/headers.php
index 2eb16e6..1d638fd 100644
--- a/lib/headers.php
+++ b/lib/headers.php
@@ -6,7 +6,8 @@ if(!isset($_SESSION)) {@session_start();}
if (!isset($_SESSION["csrf"])) {
$_SESSION["csrf"] = md5(uniqid(mt_rand(), true));
}
-if ($_REQUEST && $_REQUEST["csrf"] !== $_SESSION["csrf"]) {
+
+if (($_GET || $_POST) && $_REQUEST["csrf"] !== $_SESSION["csrf"]) {
echo '';
echo '';
die('Bad CSRF token');