diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 0bc2cd0..dd697e4 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,7 +1,7 @@
 class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
-  protect_from_forgery with: :exception
+  protect_from_forgery with: :null_session
 
   rescue_from CanCan::AccessDenied do |exception|
     redirect_to root_url, alert: exception.message
diff --git a/app/controllers/transactions_controller.rb b/app/controllers/transactions_controller.rb
index 7e971c8..9e3eb55 100644
--- a/app/controllers/transactions_controller.rb
+++ b/app/controllers/transactions_controller.rb
@@ -1,6 +1,4 @@
 class TransactionsController < ApplicationController
-  skip_before_filter :verify_authenticity_token, :only => :create
-
   def index
     @transactions = Transaction.all
   end