Referer-based-Open-redirect

A POC and bug report sample for a reported referer-based open redirect

I later figured I could chain this to escape an ssrf filter by parsing a redirected path name to an internal endpoint : /dashboard.