How to prevent CSRF in a RESTful application?

Frontend, unresolved, 6 answers, 495
爱一瞬间的悲伤 2020-12-12 12:07

Cross Site Request Forgery (CSRF) is typically prevented with one of the following methods:

  • Check referer - RESTful but unreliable
  • insert token into for
6 answers
  • 南笙 (OP)
    2020-12-12 12:24

    Am I getting this right:

    • You want protection against CSRF for users logged in via cookies.
    • And at the same time you want RESTful interface for Basic, OAuth and Digest authenticated requests from apps.

    So, why not check whether the user is logged in via cookie and apply CSRF protection only then?

    I'm not sure, but is it possible for another site to forge things like Basic auth or headers?

    As far as I know, CSRF is all about cookies? RESTful auth doesn't happen with cookies.
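The policy the answer above proposes, written out as an added example that is not code from the original thread: the server first decides which credential it will authenticate with, and demands a CSRF token only when that credential is the session cookie. Requests carrying an Authorization header (Basic, Digest, Bearer) skip the token check because the browser does not attach those credentials on its own. The cookie name, header name, allowed origin, in-memory session store and the sample requests are all assumptions constructed for this example.

```python
"""Added example (not from the original thread): apply a CSRF token check only
to requests that authenticate via the session cookie, and skip it for requests
that carry an Authorization header. All names and sample data are constructed."""
import hmac
import secrets

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}   # must have no side effects server-side
SESSION_COOKIE = "session"                  # assumed cookie name
CSRF_HEADER = "x-csrf-token"                # assumed header that carries the token
ALLOWED_ORIGINS = {"https://app.example"}   # assumed origin of the site itself

# Constructed in-memory session store: session id -> per-session CSRF token.
SESSIONS: dict[str, str] = {}


def new_session() -> tuple[str, str]:
    """Create a session and bind a fresh random CSRF token to it."""
    sid = secrets.token_urlsafe(32)
    token = secrets.token_urlsafe(32)
    SESSIONS[sid] = token
    return sid, token


def _lower_keys(d: dict) -> dict:
    """HTTP header names are case-insensitive; normalise before lookup."""
    return {k.lower(): v for k, v in d.items()}


def auth_source(headers: dict, cookies: dict) -> str:
    """Decide which credential the server authenticates with.

    The CSRF decision must follow exactly the same rule as authentication:
    when an Authorization header is present the cookie is ignored entirely,
    so no request can be authenticated by the ambient cookie on this path.
    """
    if "authorization" in _lower_keys(headers):
        return "header"
    if SESSION_COOKIE in cookies:
        return "cookie"
    return "none"


def csrf_check(method: str, headers: dict, cookies: dict) -> tuple[bool, str]:
    """Return (allowed, reason) for one request."""
    h = _lower_keys(headers)
    if method.upper() in SAFE_METHODS:
        return True, "safe method"
    source = auth_source(headers, cookies)
    if source != "cookie":
        # Header-based or anonymous: a forged cross-site request gains nothing
        # from the cookie here, so the token adds no protection.
        return True, f"auth via {source}; CSRF token not required"

    # Defence in depth for cookie-authenticated requests: a browser-sent
    # Origin header must name the site itself.
    origin = h.get("origin")
    if origin is not None and origin not in ALLOWED_ORIGINS:
        return False, f"origin {origin} not allowed"

    expected = SESSIONS.get(cookies[SESSION_COOKIE])
    if expected is None:
        return False, "unknown session"
    supplied = h.get(CSRF_HEADER, "")
    # Constant-time comparison; both sides are bytes so unexpected input
    # fails closed instead of raising.
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        return False, "missing or invalid CSRF token"
    return True, "CSRF token valid"


if __name__ == "__main__":
    sid, token = new_session()
    # Constructed sample requests
    print(csrf_check("POST", {}, {SESSION_COOKIE: sid}))
    print(csrf_check("POST", {"X-CSRF-Token": token}, {SESSION_COOKIE: sid}))
    print(csrf_check("POST", {"Authorization": "Bearer abc"}, {SESSION_COOKIE: sid}))
```

The invariant worth checking in a real framework is the one in `auth_source`: if the authentication layer would fall back to the session cookie when the Authorization header fails, then the token must be required on that path too, otherwise the skip becomes a bypass.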
