diff --git a/actionpack/lib/action_controller/mime_type.rb b/actionpack/lib/action_controller/mime_type.rb
index 8ca3a703416ace454045491c4d4e7377a64a366d..6923a13f3f5235d8045260f4370f522d0559548a 100644
--- a/actionpack/lib/action_controller/mime_type.rb
+++ b/actionpack/lib/action_controller/mime_type.rb
@@ -25,7 +25,7 @@ class Type
     # These are the content types which browsers can generate without using ajax, flash, etc
     # i.e. following a link, getting an image or posting a form.  CSRF protection
     # only needs to protect against these types.
-    @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form]
+    @@browser_generated_types = Set.new [:html, :url_encoded_form, :multipart_form, :text]
     cattr_reader :browser_generated_types
 
 
@@ -177,7 +177,7 @@ def ==(mime_type)
     end
 
     # Returns true if Action Pack should check requests using this Mime Type for possible request forgery.  See
-    # ActionController::RequestForgerProtection.
+    # ActionController::RequestForgeryProtection.
     def verify_request?
       browser_generated?
     end