There is a method explained here.
It consists of adding an X-CSRFToken header on each AJAX request.
This is done by hooking into the jQuery.ajaxSend event, so everything is done automatically (you just have to copy and paste their code, and run it once before the first AJAX request you make).
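
The hook described above, as an added example that is not part of the original answer or of the linked code. It assumes the token is stored in a cookie named `csrftoken` (Django's default), and the helper names are illustrative. It goes a little beyond the text by skipping safe methods and cross-origin URLs, so the token is never sent to another site.

```javascript
// Added example: the cookie name "csrftoken" is an assumption (Django's default).
const CSRF_COOKIE = 'csrftoken';

// Extract one cookie value from a document.cookie-style string.
function getCookie(cookieString, name) {
  for (const part of (cookieString || '').split(';')) {
    const [key, ...rest] = part.trim().split('=');
    if (key === name) return decodeURIComponent(rest.join('='));
  }
  return null;
}

// Methods that must not change server state need no token.
function csrfSafeMethod(method) {
  return /^(GET|HEAD|OPTIONS|TRACE)$/i.test(method || 'GET');
}

// True only when url resolves to the page's own origin.
function sameOrigin(url, pageUrl) {
  try {
    return new URL(url, pageUrl).origin === new URL(pageUrl).origin;
  } catch (e) {
    return false; // unparsable URL: treat as foreign and send no token
  }
}

// Core of the ajaxSend handler: set the header only when needed and safe.
function addCsrfHeader(xhr, settings, cookieString, pageUrl) {
  const token = getCookie(cookieString, CSRF_COOKIE);
  if (!token || csrfSafeMethod(settings.type)) return false;
  if (!sameOrigin(settings.url, pageUrl)) return false; // never leak the token cross-origin
  xhr.setRequestHeader('X-CSRFToken', token);
  return true;
}

// In the browser, register once before the first AJAX request.
if (typeof jQuery !== 'undefined' && typeof document !== 'undefined') {
  jQuery(document).on('ajaxSend', function (event, xhr, settings) {
    addCsrfHeader(xhr, settings, document.cookie, window.location.href);
  });
}
```

The server still has to validate the header against the session or cookie token; this code only attaches it.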