[wp-hackers] Enable Sending Referrers
fd at firasd.org
Sun Aug 14 00:39:50 GMT 2005
If I understand correctly (and I may well not), it's to protect you from
doing something that, as a verified user you're authenticated to do but
may not want to (eg clicking random links that do evil things in
wp-admin). It's an extra step, not a substitute one.
Denis de Bernardy wrote:
>I'd be curious to know the rational behind this defense mechanism. Like,
>isn't it trivial to fake the referrer?
More information about the wp-hackers