I am preparing a technical paper presentation on web attacks which includes almost everything about web attacks firewall bypassing process injection and so on.
But have some problems in understanding HTTP_REFERER spoofing techniques i tried searching google but can't find much of interest there and RFC 2616 isn't helping me at all.
i will appriciate any help or link.