Rails: csrf auth token

add to layouts/application.html.haml in the head section

= csrf_meta_tags

add to all *.html.haml, which make POST and GET requests
%input{:type=>"hidden", :name=>"authenticity_token", :value=>form_authenticity_token.to_s}