Web Application Security Guide/Cross-site request forgery (CSRF)