And among the XSS issues, which most OpenID libraries have, CSRF (Cross-site Request Forgery) seams to be the most pervasive form of attack.

When it comes to OpenID, it seams that developers forget about CSRF, or they just don’t want to simply deal w