Too Long; Didn't Read
CSRF (Cross-Site Request Forgery) is an attack that impersonates a trusted user and sends unwanted commands. This can be done, for example, by including malicious parameters in a URL behind a link that purports to go somewhere else:https://www.example.com.com: For users who have some permissions on the website, the element will execute action on the site without their noticed. There are many ways to prevent CSRF, such as implement RESTful API, add secure token, etc.