Most of you are aware of the CSRF attack. I use JS on a daily basis but I actually never thought that the code I develop could be CSRF-prone. You saw that coming - I was wrong and I want to share that harsh lesson. Let’s assume you’re developing a web app called omg-app.com (obviously because it’s so good it will make everyone say OMG!). The app is getting bigger, lots of people use it, new featur