diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
index 441b214c4e..2271470334 100644
--- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb
+++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
@@ -78,6 +78,8 @@ module ActionController #:nodoc:
         end
       end
 
+      # This is the method that defines the application behaviour when a request is found to be unverified.
+      # By default, \Rails resets the session when it finds an unverified request.
       def handle_unverified_request
         reset_session
       end