I'm using Rails 4.2.5, and the jQuery gem, version 4.0.5
I have an AJAX call via jQuery.ajax() in my code, and found that the CSRF token that I inserted via Rails' csrf_meta_tags helper is being added to the AJAX POST call, even though I didn't write any code to insert it. That is, I did not look for the meta tag, extract its value, and insert it into the XHR with a beforeSend handler.
The jQuery documentation says nothing about jQuery automatically inserting this token - is this undocumented auto-magic behavior?
