Protect your reset password tokens: UK Data Protection position on referers

If you wish to use Reset Password tokens, then be sure to block referers and&#x2F;or not include any third party loaded assets (JavaScript, css, etc).<p>It&#x27;s not just reset password tokens: beware any protected data, like PII (emails, etc)!