Netmap view changes cannot be saved when CSRF protection is turned on

Testing #3396 reveals that Netmap view changes cannot be saved once CSRF protection is turned on.

Though any forms in Netmap templates may have been updated, I suspect Netmap uses some stupid javascript magic for its save/delete-buttons that bypasses the CSRF token on submission. 

Further investigation is needed to figure exactly what is going on.
