CSRF attacks are also known by a number of other names, including XSRF, “Sea Surf”, Session Riding, Cross-Site Reference Forgery, and Hostile Linking. Microsoft refers to this type of attack as a One-Click attack in their threat modeling process and many places in their online documentation.
Just add somethings that attacker doesn't know
An attacker can launch a CSRF attack when he knows which parameters and value combination are being used in a form. Therefore, by adding an additional parameter with a value that is unknown to the attacker and can be validated by the server, you can prevent CSRF attacks. Below is a list of some of the methods you can use to block cross-site request forgery attacks.
Hackers are using a bug in PHP7 to remotely hijack web servers
Paulo Renato -
Environmental Variables & Hiding Sensitive Information in Ruby
Shannon Crabill -
How to Process Passwords as a Software Developer
Nathilia Pierce -
Firestore Rules Examples – Must-Know Patterns To Secure Your Data
Jamal Moir -