As part of the book I've been developing some sample code for each chapter; and for chapter 4 the code has taken far more time than the chapter itself. That chapter deals with query strings and forms and covers Cross Site Request Forgery (CSRF). CSRF is a exploit where a form request comes from another site and your site proceeds to act upon it because a user is already authenticated. I’ve covered this in more detail previously and released AntiCSRF to codeplex to help you protect against it. One of the things Alex and I discovered whilst going...