Ok, just found the solution myself.
I added the following to my AppController::beforeFilter()
:
if (
($this->request->isPost() || $this->request->isPut()) &&
empty($_POST) && empty($_FILES)
) {
$this->Security->csrfCheck = false;
}
Maybe this is of use to someone else.