CSRF mitigations using non-simple requests

[jackevans43]

This PR covers issue #1309

• [ ] In case of a new Cheat Sheet, you have used the Cheat Sheet template.
• [ ] All the markdown files do not raise any validation policy violation, see the policy.
• [x] All the markdown files follow these format rules.
• [ ] All your assets are stored in the assets folder.
• [ ] All the images used are in the PNG format.
• [x] Any references to websites have been formatted as [TEXT](URL)
• [x] You verified/tested the effectiveness of your contribution (e.g., the defensive code proposed is really an effective remediation? Please verify it works!).
• [ ] The CI build of your PR pass, see the build status here.

[jackevans43]

@mackowski

[jackevans43]

@jmanico Would you be happy if I just removed the link to the bug? The text about browser bugs was almost entirely copied from the existing text, with the addition of the specific example where the content type was not enforced.

[jmanico]

Please :)

[jackevans43]

@jmanico Done!