5c678a2550
Removed `username:password@` portion of example target URLs as unfortunately this triggers warnings in most modern browsers. The modules target CSRF vulnerabilities and it's expected and acceptable behaviour to rely on the user having an authorized session by default. "Advanced users" will be familiar with the `username:password@` trick and can add it to the URL if they desire.