I have an open redirect but it requires the Referer header
I have a question which I didn't find an answer for:
I have a request like https://mywebsite.com/redirect/**any website to redirect to it**
In the backend, there is a check: if the website the redirect goes to is the same domain/subdomain as mywebsite.com, the redirection passes; if not, the backend checks whether the Referer header is from the same domain/subdomain.
What I tried to do is make this request:
https://mywebsite.com/redi/mywebsite.com/redi/google.com
I was expecting that the browser makes the first request, which will pass because it's the same origin, and then sets the Referer header and makes the second request to mywebsite.com/redi/google.com,
and because it's the same Referer header it should pass.
The problem is the browser doesn't set the Referer header at all and I can't see why. Any ideas?
I've tried to see what the behavior of the browser is, but according to https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy#strict-origin-when-cross-origin it's strict origin when cross-origin, so the browser should make the request.
I've also tried to look at the headers coming from the backend and I didn't see any header to stop the Referer:
```
HTTP/2 301 Moved Permanently
Content-Length: 0
X-Unbounce-Pageid:
Cache-Control: no-store
Location: -------
Cf-Cache-Status: DYNAMIC
Server: cloudflare
Cf-Ray: --
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Cdn: Imperva
X-Iinfo: ------
```
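
The check described in the question, sketched beside a version that decides on the redirect target alone (an added example, not part of the original post and not the site's actual code). `SITE`, the function names and the sample requests are constructed for illustration, and matching hosts on a label boundary is an assumption about what "same domain/subdomain" means here.

```python
from urllib.parse import urlsplit

SITE = "mywebsite.com"  # the site name used in the question

def host_of(url):
    """Lower-cased hostname of a URL; scheme-less values are read as https."""
    if "://" not in url:
        url = "https://" + url
    return (urlsplit(url).hostname or "").lower().rstrip(".")

def same_site(host):
    """True only for SITE itself or a real subdomain (match on a label boundary)."""
    return host == SITE or host.endswith("." + SITE)

def check_as_described(target, referer=None):
    """The check from the question: same-site target, else same-site Referer."""
    if same_site(host_of(target)):
        return True
    return referer is not None and same_site(host_of(referer))

def check_hardened(target, referer=None):
    """Decide on the target alone; the Referer is client-supplied and ignored."""
    return same_site(host_of(target))

# Constructed requests: (redirect target, Referer header or None)
SAMPLES = [
    ("mywebsite.com/redi/google.com", None),
    ("google.com", None),
    ("google.com", "https://mywebsite.com/some/page"),
    ("google.com", "https://notmywebsite.com/"),
]

def compare():
    """Return (target, referer, described_result, hardened_result) per sample."""
    return [(t, r, check_as_described(t, r), check_hardened(t, r)) for t, r in SAMPLES]

if __name__ == "__main__":
    for row in compare():
        print(row)
```

The two checks differ only on the third sample, where an off-site target is accepted because of the Referer value; the hardened form never lets request metadata widen the set of allowed targets.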