Ubuntu
apache2 package

  1. Bug #1939678
  2. Comment #19

Comment 19 for bug 1939678

Revision history for this message
In , Jorton-9 (jorton-9) wrote :

Yes, you need to have a valid Referer: header in the request since 2.4.41 - this is a deliberate security feature to prevent XSS/XSRF attacks. So I don't see a bug here.