Add scopes and time windows to Rails's CSRF protection. Redirect to referrer with a flash message when possible.
None
Bart Teeuwisse