import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// NOTE(review): ServletException and IOException are named in the throws clause below but no
// import for them is visible in this listing; confirm against the full file.

/**
 * Sample servlet that makes a trust decision from the HTTP "referer" request header.
 *
 * <p>The header is part of the request and is therefore chosen by whoever sends it: it can be
 * set to any value, and it can be absent altogether (for example when a privacy setting or
 * referrer policy strips it). A check on it is a hint at best. Access-control and anti-CSRF
 * decisions belong on server-side state instead, such as the authenticated session and a
 * per-session or per-request token.
 *
 * <p>The listing is a rule sample: the trailing {@code Noncompliant} comment in {@code doPost}
 * marks the line that the rule reports.
 */
public class MyServlet extends HttpServlet {

  /**
   * Reads the "referer" and "param1" request headers and branches on the result of
   * {@code isTrustedReferer(referer)}.
   *
   * @param request the incoming request; both header values are read from it
   * @param response the response object; not used in the visible part of the body
   * @throws ServletException declared by the signature; nothing visible here throws it
   * @throws IOException declared by the signature; nothing visible here throws it
   */
  protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    // Client-controlled value. getHeader returns null when the header is missing, so the check
    // below also receives null for requests that carry no Referer at all.
    // NOTE(review): the marker's sc/ec values look like a start/end column pair. With the
    // four-space indent used here, columns 30-39 fall on the getHeader call name. The page's
    // original layout was lost, so confirm the columns against the real fixture.
    String referer = request.getHeader("referer"); // Noncompliant [[sc=30;ec=39]] {{"referer" header should not be relied on}}
    // A header with any other name carries no marker in this sample.
    String param1 = request.getHeader("param1");
    // isTrustedReferer is not defined in the visible listing. Whatever it compares against, the
    // input is attacker-influenced, so the guarded branch must not grant anything that an
    // unauthenticated or cross-site request should be denied.
    if (isTrustedReferer(referer)) {
      // (body elided in the sample)
    }
    // (remainder elided in the sample)
  }
}