Removed CSRF checks (not needed because of JSON store).

app/controllers/application_controller.rb

@@ -1,6 +1,5 @@
 class ApplicationController < ActionController::Base
   include UserInfo
-  protect_from_forgery
 #  http_basic_authenticate_with :name => "test", :password => "ttt"
 
   helper_method :current_user, :authentication_check, :config_frontend, :user_data_full

app/controllers/ticket_overviews_controller.rb

@@ -1,5 +1,4 @@
 class TicketOverviewsController < ApplicationController
-  skip_before_filter :verify_authenticity_token
   before_filter :authentication_check
 
   # GET /tickets

app/controllers/tickets_controller.rb

@@ -1,5 +1,4 @@
 class TicketsController < ApplicationController
-  skip_before_filter :verify_authenticity_token
   before_filter :authentication_check
 
   # GET /tickets