The javascript would just have to create a form and submit it. Not a big problem at all. Alternatively, create an iframe in which the form is autosubmitted via javascript.

Doesn't that break the back button, making it no longer "frictionless"?

What makes you think that? CSRF vulnerabilities are possible precisely because cross-domain POST requests can be created without violating the cross-domain policy.