AntiPattern
Redirect-Driven Trust Bypass
redirect-driven-trust-bypass
Client-controlled redirects, referer spoofing, and frontend-only auth flows let attackers forge “success” signals or authentication state, because the system assumes returned parameters or browser navigation proves payment or identity.