[junto]

Reminds me of this hack using the x-forwarded-for header:

http://blog.ircmaxell.com/2012/11/anatomy-of-attack-how-i-ha...

(Anatomy of an Attack: How I Hacked StackOverflow)

and this:

http://xkcd.com/327/

(Exploits of a Mom)

Never trust the client....