The HTTP origin header that was proposed as a defense to CSRF attack has now been submitted for review to the IETF. Here is an interesting criticism to the proposed method in the IETF discussion forum:

http://lists.w3.org/Archives/Public/ietf-http-wg/2009JanMar/0037.html