diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/WebExtension.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/WebExtension.php
index d4e1be5c31..9dd76d4606 100644
--- a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/WebExtension.php
+++ b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/WebExtension.php
@@ -52,6 +52,12 @@ class WebExtension extends Extension
$container->setParameter('debug.file_link_format', 'txmt://open?url=file://%%f&line=%%l');
}
+ foreach (array('csrf_secret', 'csrf-secret') as $key) {
+ if (isset($config[$key])) {
+ $container->setParameter('csrf_secret', $config[$key]);
+ }
+ }
+
if (isset($config['router'])) {
if (!$container->hasDefinition('router')) {
$loader->load($this->resources['routing']);
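Review bot: The added loop stores whatever is found under `csrf_secret` / `csrf-secret` without checking it, and sets nothing at all when neither key is configured. `FrameworkBundle::boot()` in this same commit reads the parameter unconditionally, so a configuration without the key depends on a default defined outside this diff. I would reject unusable values here, e.g. `if (!is_string($config[$key]) || '' === $config[$key]) { throw new \InvalidArgumentException('csrf_secret must be a non-empty string.'); }`, and add a one-line comment that the dashed spelling wins when both keys are given. The enclosing method starts and ends outside the hunk.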
diff --git a/src/Symfony/Bundle/FrameworkBundle/FrameworkBundle.php b/src/Symfony/Bundle/FrameworkBundle/FrameworkBundle.php
index 5a23c7cf7d..274e7e4f92 100644
--- a/src/Symfony/Bundle/FrameworkBundle/FrameworkBundle.php
+++ b/src/Symfony/Bundle/FrameworkBundle/FrameworkBundle.php
@@ -3,6 +3,7 @@
namespace Symfony\Bundle\FrameworkBundle;
use Symfony\Framework\Bundle\Bundle;
+use Symfony\Component\Form\Form;
/*
* This file is part of the Symfony framework.
@@ -20,4 +21,14 @@ use Symfony\Framework\Bundle\Bundle;
*/
class FrameworkBundle extends Bundle
{
+ /**
+ * Boots the Bundle.
+ */
+ public function boot()
+ {
+ if ($secret = $this->container->getParameter('csrf_secret')) {
+ Form::setDefaultCsrfSecret($secret);
+ Form::enableDefaultCsrfProtection();
+ }
+ }
}
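Review bot: The guard in `boot()` fails open, because an empty, null or `'0'` value for `csrf_secret` skips the `if` and leaves every form without CSRF protection, with no error or log entry. Making the two cases explicit would help: `if (!$this->container->hasParameter('csrf_secret')) { return; }`, then a strict `'' !== (string) $secret` test instead of truthiness, so a typo in the config key is not confused with a deliberate opt-out. The docblock should also say what the method actually does, for example `Enables CSRF protection on all forms when the csrf_secret parameter is set (changes static defaults on Form).`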
diff --git a/src/Symfony/Bundle/FrameworkBundle/Resources/config/schema/symfony-1.0.xsd b/src/Symfony/Bundle/FrameworkBundle/Resources/config/schema/symfony-1.0.xsd
index 83563e2d0f..f4caf0aebf 100644
--- a/src/Symfony/Bundle/FrameworkBundle/Resources/config/schema/symfony-1.0.xsd
+++ b/src/Symfony/Bundle/FrameworkBundle/Resources/config/schema/symfony-1.0.xsd
@@ -17,6 +17,7 @@
+
diff --git a/src/Symfony/Bundle/FrameworkBundle/Resources/skeleton/application/php/config/config.php b/src/Symfony/Bundle/FrameworkBundle/Resources/skeleton/application/php/config/config.php
index 36adc2d7c1..0be2e62aa0 100644
--- a/src/Symfony/Bundle/FrameworkBundle/Resources/skeleton/application/php/config/config.php
+++ b/src/Symfony/Bundle/FrameworkBundle/Resources/skeleton/application/php/config/config.php
@@ -6,8 +6,9 @@ $container->loadFromExtension('kernel', 'config', array(
));
$container->loadFromExtension('web', 'config', array(
- 'router' => array('resource' => '%kernel.root_dir%/config/routing.php'),
- 'validation' => array('enabled' => true, 'annotations' => true),
+ 'csrf-secret' => 'xxxxxxxxxx',
+ 'router' => array('resource' => '%kernel.root_dir%/config/routing.php'),
+ 'validation' => array('enabled' => true, 'annotations' => true),
));
$container->loadFromExtension('web', 'templating', array(
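Review bot: The skeleton ships a fixed placeholder, `'csrf-secret' => 'xxxxxxxxxx'`, and since it is a non-empty string `boot()` will accept it as a real secret. Every application generated from this skeleton and left unedited would then share one publicly known CSRF secret. The yml skeleton in this commit adds the same value (`csrf_secret: xxxxxxxxxx`). Either have the generator substitute a random value per application, or at least mark the line with `// replace with a long random value unique to this application`. The PHP skeleton uses the dashed key while the yml one uses the underscore form; a single spelling would be easier to document.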
diff --git a/src/Symfony/Bundle/FrameworkBundle/Resources/skeleton/application/xml/config/config.xml b/src/Symfony/Bundle/FrameworkBundle/Resources/skeleton/application/xml/config/config.xml
index e83311e3f7..72783a206b 100644
--- a/src/Symfony/Bundle/FrameworkBundle/Resources/skeleton/application/xml/config/config.xml
+++ b/src/Symfony/Bundle/FrameworkBundle/Resources/skeleton/application/xml/config/config.xml
@@ -20,7 +20,7 @@
error_handler="null"
/>
-
+
diff --git a/src/Symfony/Bundle/FrameworkBundle/Resources/skeleton/application/yml/config/config.yml b/src/Symfony/Bundle/FrameworkBundle/Resources/skeleton/application/yml/config/config.yml
index 9a4ac82717..1c7f129952 100644
--- a/src/Symfony/Bundle/FrameworkBundle/Resources/skeleton/application/yml/config/config.yml
+++ b/src/Symfony/Bundle/FrameworkBundle/Resources/skeleton/application/yml/config/config.yml
@@ -3,8 +3,9 @@ kernel.config:
error_handler: null
web.config:
- router: { resource: "%kernel.root_dir%/config/routing.yml" }
- validation: { enabled: true, annotations: true }
+ csrf_secret: xxxxxxxxxx
+ router: { resource: "%kernel.root_dir%/config/routing.yml" }
+ validation: { enabled: true, annotations: true }
web.templating:
escaping: htmlspecialchars
diff --git a/src/Symfony/Component/Form/Form.php b/src/Symfony/Component/Form/Form.php
index 6a9d04bf68..5e8adae00b 100644
--- a/src/Symfony/Component/Form/Form.php
+++ b/src/Symfony/Component/Form/Form.php
@@ -32,7 +32,7 @@ class Form extends FieldGroup
{
protected static $defaultCsrfSecret = null;
protected static $defaultCsrfProtection = false;
- protected static $defaultCsrfFieldName = '_csrf_token';
+ protected static $defaultCsrfFieldName = '_token';
protected static $defaultLocale = null;
protected static $defaultTranslator = null;