According to OWASP guidelines, what is the recommended method to prevent cross-site request
forgery?

A.
Allow only POST requests.

B.
Mark all cookies as HTTP only.

C.
Use per-session challenge tokens in links within your web application.

D.
Always use the “secure” attribute for cookies.

E.
Require strong passwords.

Explanation: