https://devhubby.com/thread/how-to-prevent-csrf-in-an-aem-web-application