C-sharp : Cross-site request forgery (CSRF)