I have a simple question, when sending a CSRF using the form method POST cookies are automatically included in the request by the browser, but what happens if xmlhttprequest
