I’m working on tracking custom images and was wondering if this code is safe to run:
if(isset($_SERVER['HTTP_REFERER']))
$t->setUrl($_SERVER['HTTP_REFERER']);
Since HTTP_REFERER can be easily spoofed, I wondered if Piwik performs the necessary validation to make sure no injects happen, or if I should perform my own validations to make sure the URL is valid.