Change check_origin with check_referer

Author: gogasca

jupyter_server/base/handlers.py

@@ -535,7 +535,7 @@ def check_xsrf_cookie(self) -> None:
             # Servers without authentication are vulnerable to XSRF
             return None
         try:
-            if not self.check_origin():
+            if not self.check_referer():
                 raise web.HTTPError(404)
             return super().check_xsrf_cookie()
         except web.HTTPError as e: