--- manager/index.php	2009-09-08 12:33:54.000000000 +0200
+++ manager/index.php	2009-09-08 12:35:35.000000000 +0200
@@ -230,7 +230,7 @@ if (isset($modx->config['validate_refere
         $referer = $_SERVER['HTTP_REFERER'];
 
         if (!empty($referer)) {
-            if (!preg_match('/'.preg_quote(MODX_SITE_URL, '/').'/i', $referer)) {
+            if (!preg_match('/^'.preg_quote(MODX_SITE_URL, '/').'/i', $referer)) {
                 echo "A possible CSRF attempt was detected from referer: {$referer}.";
                 exit();
             }
