-# referenced. Access to trusted domains, includes all paths within that
-# domain. Preceding a domain with a '+' character, will designate that domain
-# as a "trusted referrer", meaning any pages linked from that site will be
-# allowed, and then added dynamically to this file. Thus, this builds a
-# "white-list" of safe places to browse. Note this means that the file will
-# grow with use!
+# referenced. Access to trusted domains includes all paths within that
+# domain.
+
+# Preceding a domain with a '+' character will designate that domain
+# as a "trusted referrer", meaning any requests whose HTTP "Referer" headers
+# contain an URL from that domain will be allowed, and the previously untrusted
+# host will be dynamically added to this file. Thus, this builds a "white-list"
+# of hosts the user is allowed to visit.
+
+# Note this means that the file will grow with use!
+
+# Also note that you can only trust referrers if you control the user's
+# system and make sure that there are no programs available that allow
+# to set arbitrary headers.