I have a single page application built using angularjs which uses $http service to issue GET and POST requests. The site does not authenticate users and it is anonymous. Is there a way to prevent from CSRF attacks for anonymous web sites? I found many posts for implementing it in angularjs which uses $http service. But I did not understand if it applies to anonymous applications as well. Can anyone please advise? Thank you!
You don't need to worry about CSRF if you don't have authentication. Moreover if you add token authentication that is passed as a header, you don't need to worry about it either.
The problem with CSRF is another site using authentication cookie to your site automatically.
Perhaps you were worried about something else, not CSRF? What exactly are you afraid of, since whole site is publicly available and anonymous?