Password Reset and Web-Cache Poisoning (and a Little Surprise in RFC-2616)

"How does a deployable web-application know where it is? Creating a trustworthy absolute URI is trickier than it sounds. Developers often resort to the exceedingly untrustworthy HTTP Host header (_SERVER["HTTP_HOST"] in PHP)"...