I find it interesting that everyone posts in this thread opposed to the mission thread for basic 5 when the "I did this the same way" thing comes up. Alright, guys, I addressed this already in basic 5
. See here:
If you are reading this it is likely for one of two reasons. One, you aren’t sure why the same method to complete Basic 4 isn’t working. Or, two, you are wondering why this was solved the same you completed Basic 4. I’ll explain.
In Basic 4, Network Security Sam was not verifying referers which is why if you chose to complete the challenge by recreating the webpage on your desktop it worked. You performed a VERY crude example of a cross-site request forgery (CSRF) attack. Because the referer was not being validated it allowed you to send the request from a different host (i.e. yourself).