Only supported if the server you're requesting to sets an "Access-Control-Allow-Origin" HTTP header specifying that the referer is allowed. You cannot change the referer via JS. If that header is not set, the browser denies the request. It's very well thought out I think.
https://developer.mozilla.org/En/HTTP_access_control