websecurity@lists.webappsec.org

The Web Security Mailing List

View all threads

Is XSS via HTTP_REFERER possible in this case?