Prevent password reset's submit_token endpoint from accepting trailing slashes.