CSRF injection attack on websockets demo (based on this article) Install dependences: $> npm i Run tests (they are NOT supposed to pass, as the injection is feasible today) $> npm t