Amazon CSRF Demo

Update: This demo no longer works. As you can see in the iframe below, you are now asked to confirm your selection. This could be exploited with clickjacking, like the Twitter Don't Click Exploit, but at least that requires some action on your part.

For more information, read about My Amazon Anniversary.