[wp-hackers] Enable Sending Referrers

Firas D. fd at firasd.org
Sun Aug 14 00:39:50 GMT 2005

If I understand correctly (and I may well not), it's to protect you from 
doing something that, as a verified user you're authenticated to do but 
may not want to (eg clicking random links that do evil things in 
wp-admin). It's an extra step, not a substitute one.


Denis de Bernardy wrote:

>I'd be curious to know the rational behind this defense mechanism. Like,
>isn't it trivial to fake the referrer?

More information about the wp-hackers mailing list