Bypassing referrer check with no script involved

No more to use scripting approach like

This useful meta tag helps for CSRF POC preparation when you come across an application that checks referrer header:
<meta name="referrer" content="no-referrer">


Popular posts from this blog

XSS: Gaining access to HttpOnly Cookie in 2012

Jumping out of Touch Screen Kiosks

HttpOnly Session ID in URL and Page Body | Cross Site Scripting