http://en.wikipedia.org/wiki/Cross-site_request_forgery -- The web-calculus is the union of REST and capability-based security: http://www.waterken.com/dev/Web/ Name your trusted sites to distinguish them from phishing sites. https://addons.mozilla.org/firefox/957/