Also do not try to inject into forms with GET HTTP method (inject-get-forms) if GET is configured to be an un-protected method by configuration (org.owasp.csrfguard.UnprotectedMethods)