diff --git a/rack-protection/lib/rack/protection/json_csrf.rb b/rack-protection/lib/rack/protection/json_csrf.rb
index 41ee54ba..7aea8873 100644
--- a/rack-protection/lib/rack/protection/json_csrf.rb
+++ b/rack-protection/lib/rack/protection/json_csrf.rb
@@ -15,7 +15,7 @@ module Rack
 def call(env)
 status, headers, body = app.call(env)
- if headers['Content-Type'].to_s.split(';', 2).first.strip == 'application/json'
+ if headers['Content-Type'].to_s.split(';', 2).first =~ /^\s*application\/json\s*$/
 result = react(env) if referrer(env) != Request.new(env).host
 end
 result or [status, headers, body]
diff --git a/rack-protection/spec/json_csrf_spec.rb b/rack-protection/spec/json_csrf_spec.rb
index 6f033ec7..6e9fbe68 100644
--- a/rack-protection/spec/json_csrf_spec.rb
+++ b/rack-protection/spec/json_csrf_spec.rb
@@ -20,4 +20,13 @@ describe Rack::Protection::JsonCsrf do
 get('/', {}).should be_ok
 end
 end
+
+ describe 'not json response' do
+
+ it "accepts get requests with 304 headers" do
+ mock_app { |e| [304, {}, []]}
+ get('/', {}).status.should == 304
+ end
+
+ end
 end
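Review bot: The new regex on the `+` line anchors with `^` and `$`, which in Ruby match at line boundaries rather than the ends of the string, so the media-type check no longer expresses "the whole value is application/json"; the intent is `=~ /\A\s*application\/json\s*\z/`. The switch to `=~` does remove the `nil.strip` NoMethodError when the header is absent (as the 304 spec in this commit appears to exercise), so the fix itself is sound, but that reasoning deserves a one-line comment such as `# =~ tolerates a missing Content-Type (first is nil); .strip would raise`. Media types are case-insensitive per the HTTP spec, so a `/i` flag may be worth considering separately, though that is a behaviour change beyond this commit. The `call` method's closing `end` lies outside the hunk.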
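Review bot: The new example is named "accepts get requests with 304 headers", but what it exercises is a response with no Content-Type header at all (`[304, {}, []]`), which is the case the regex change protects; naming it after the header keeps the regression pinned to the right behaviour, e.g. `it 'passes through responses without a Content-Type header'`. The block parameter `|e|` is unused, so `mock_app { |_env| [304, {}, []] }` reads cleaner, and the quoting is mixed with the surrounding single-quoted strings. A second example with a `Content-Type` of `application/json` on a non-2xx status would additionally lock in that the regex still matches when the header is present.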