Hacking CSRF: Referer-Based CSRF Defense
Bypassing the Referer-Based Header