# File lib/action_dispatch/http/request.rb, line 144
    def forgery_whitelisted?
      get? || xhr? || content_mime_type.nil? || !content_mime_type.verify_request?
    end