Fixed issue: Missing CSRF protection
Dev Can now be enabled in LSYii_Application.php. Its currently deactivated as it is mostly untested.
Dev New HttpRequest class enables exceptions for certain POST requests (like AJAX)