Cross-site Request Forgery Attacks (CSRF): What a frontend developer should know