This controller never actually processes a user request. It's used
internally to check CSRF tokens.

However, because it is a controller, 'requests' to it will show up in
unstructured logs. We added this log message to clarify that any 429s
weren't real requests, but simply internal usage.

When we added this log message, structured logs wouldn't emit a plain
message like this. Now that we have more comprehensive structured logs,
and recommend them going forward, they will emit these messages, which
can cause a lot of log spam. That log spam is exacerbated by enabling
Rack Attack, because the throttles we use will indirectly use this dummy
controller and so every single request can log these three lines.

As such, this log message probably isn't needed any more, as it's doing
more harm than good.