Removing _Token from request data.

It is not used outside the component and could possibly affect Model::save().
Fixes #2256

Signed-off-by: mark_story <mark@mark-story.com>

lib/Cake/Controller/Component/SecurityComponent.php

@@ -208,6 +208,9 @@ class SecurityComponent extends Component {
 			}
 		}
 		$this->_generateToken($controller);
+		if ($isPost) {
+			unset($controller->request->data['_Token']);
+		}
 	}
 
 /**