How does Rails handle CSRF protection?

Pick the mechanism Rails uses to prevent CSRF attacks.

It disables cookies

It uses CAPTCHA verification

It checks a hidden authenticity token

It hashes all routes

Question 1 of 10