Page History
...
How to support existing installation: WhiteList? Special Code? Tokens??!?
Should it be possible to configure a white list of additional referrers? Perhaps some integrations would like to make direct requests from external servers, or would this be introducing too great of a vulnerabilty?
Research
OWASP Page: Investigate Referrer Method
...
Overview
Content Tools