Application/json request defaults?

I ran into a strange problem when moving a locally working app to a
hosted server.

We have a phone app sending json requests via POST to the rails app.
When doing this on the local system everything comes through as

When I moved it to the host I was having Authenticity Token errors. I
realized that our phone app was not setting the correct content-type
to application/json

I’m confused as to why this works on my local system? Is there some
setting that allows it to default / override all json requests to
application/json type?

Another thing I noticed is that on the remote system all AJAX calls
have an authenticitytoken included in the request params (but there is
no field in the FORM for that)

On the local system this token doesn’t get included in AJAX calls.

I think there must be some setting/configuration but I haven’t been
able to find anything.

Anyone have ideas?

Also, this is on RAILS 2.3.4