Furthermore as a user it sounds like a nightmare. If I want to go straight to an interior page after a session is over I would no longer be able to, and would instead need to login via Doman or bookmark then go to interior page
Also making login page so it only works when referer is home page (or csrf-prot-like mechanism) avoids creation of links to login.
-
-
Many browsers now hide referer entirely so we've had trouble with that
-
Even within site? I thought it was cross-site only.
-
Lots of sites depend on same-origin referer e.g. for image linking restrictions.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
