[SECURITY-3583] Fix CSRF vulnerability in Groovy script choice parameter

Testing done

* Confirmed that I could see the failure documented in the security
  issue without this change (both methods)
* Confirmed that the failure documented in the security issue is no
  longer visible with this change.  Checked both methods
* Reviewed all the POST security scanning alerts in the GitHub repository,
  resolved those that were not an issue, and included a fix in this pull
  request for those that I thought were more risky

Author: MarkEWaite

src/main/java/jp/ikedam/jenkins/plugins/extensible_choice_parameter/SystemGroovyChoiceListProvider.java

@@ -52,6 +52,7 @@
 import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.Stapler;
 import org.kohsuke.stapler.StaplerRequest2;
+import org.kohsuke.stapler.verb.POST;
 
 /**
  * A choice provider whose choices are determined by a Groovy script.
@@ -115,6 +116,7 @@ public String getDisplayName() {
          * @param usePredefinedVariables
          * @return the selection of a default choice
          */
+        @POST
         public ListBoxModel doFillDefaultChoiceItems(
                 @AncestorInPath Job<?, ?> job,
                 @RelativePath("groovyScript") @QueryParameter String script,
@@ -166,6 +168,7 @@ public String getNoDefaultChoice() {
             return NoDefaultChoice;
         }
 
+        @POST
         public FormValidation doTest(
                 @AncestorInPath Job<?, ?> job,
                 // Define same as `doFillDefaultChoiceItems`