The referer field in HTTP requests can be easily modified and,
					as such, is not a valid means of message integrity
					checking.