securitytube/referer-check.py

## referer-check.py
        param = self.request.get("ch9")
        referer = self.request.referer

        if referer:
            domain = referer.replace('http://', '').split('/')[0]
            logging.info(domain)
            if param == flag and ( domain.find("pentesteracademylab.appspot.com") != -1 ) :
                cid = "success"
                self.response.headers.add_header("Set-Cookie", "cid-csrf9="+cid)
                self.redirect("/lab/webapp/csrf/9")
                return
	param = self.request.get("ch9")
	referer = self.request.referer

	if referer:
	domain = referer.replace('http://', '').split('/')[0]
	logging.info(domain)
	if param == flag and ( domain.find("pentesteracademylab.appspot.com") != -1 ) :
	cid = "success"
	self.response.headers.add_header("Set-Cookie", "cid-csrf9="+cid)
	self.redirect("/lab/webapp/csrf/9")
	return