implement form token protection

that was easy

lib/rack/protection/form_token.rb

@@ -14,9 +14,10 @@ module Protection
     # since it might be a security issue, depending on your application
     #
     # Compatible with Rails and rack-csrf.
-    #
-    # Not Yet Implemented!
     class FormToken < AuthenticityToken
+      def accepts?(env)
+        env["HTTP_X_REQUESTED_WITH"] == "XMLHttpRequest" or super
+      end
     end
   end
 end