Antiforgery validation doesn't work with backbone

This is because the default MVC ValidateAntiForgeryToken only works with POST requests and backbone uses PUT and DELETE.

There is a workaround at http://www.codethinked.com/asp.net-mvc-ajax-csrf-protection-with-jquery-1.5 but it is a pain to do and now it supports validation for ajax-only.

too much friction...
