Explicitly allow GET requests for specific actions, verify authenticity token on GET
Eugene Kalenkovich
N/A