Requirement 6.5.5

Cross-site request forgery (CSRF)