Comment by danielrm26

13 years ago

The referer header is also controlled by the client. Anything controlled by the client should be considered tainted.

This doesn't really apply when you are trying to verify whether the client actually performed some action.

In a CSRF scenario, the client itself can presumably be "trusted": a client behaving maliciously can only hurt itself, not anyone else. The important thing is to not trust anything that may have been provided by a third party.
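As an added illustration of the point above (not code from the commenter), here is a server-side check that uses the client-supplied Origin/Referer headers only to decide whether a state-changing request came from the application's own origin rather than a third-party page; the trusted origin set and header names are assumptions for the example.

```python
from typing import Optional
from urllib.parse import urlsplit

# Constructed example: the origins this application is legitimately served from.
TRUSTED_ORIGINS = {"https://app.example.com"}


def _origin_of(url: str) -> Optional[str]:
    """Reduce an absolute URL to scheme://host[:port]; None if it is not absolute.

    Only the netloc is compared, so a path or query that merely contains the
    trusted host (e.g. ?next=https://app.example.com) does not match, and a
    look-alike host such as app.example.com.evil.test does not match either.
    """
    parts = urlsplit(url)
    if not parts.scheme or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc}".lower()


def csrf_source_ok(headers: dict) -> bool:
    """Return True only if the request demonstrably came from a trusted origin.

    Origin is preferred; Referer is the fallback. Neither header is a secret
    (the client controls both), but a third-party page cannot make the browser
    send the victim's request with the application's own origin. If both headers
    are absent we cannot tell where the request came from, so we fail closed.
    """
    hdrs = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    origin = hdrs.get("origin")
    if origin is not None:
        # Browsers send the literal string "null" for opaque origins; that is untrusted.
        return _origin_of(origin) in TRUSTED_ORIGINS
    referer = hdrs.get("referer")
    if referer is None:
        return False
    return _origin_of(referer) in TRUSTED_ORIGINS
```

This check complements, rather than replaces, a per-session anti-CSRF token, since some proxies and privacy settings strip Referer.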