On Thu, Dec 11, 2008 at 02:14:58PM +0100, Sebastian Gottschall (DD-WRT) wrote: > all fixed images (for all platforms) are now provided here in our test > folder "Fixed" except for people who don't send Referers or for anyone who browses an SSL site. Lenient Referer checking is not a solution for CSRF.