He intercepted jQuery ajax events to add a custom parameter querystring (i.e. this is a custom solution and needs to be carefully implemented on the server side, this is not a standard solution). This will probably help prevent a website from becoming infected with a common case, but not against a targeted attack.