diff --git a/src/Symfony/Component/Form/Extension/Csrf/EventListener/CsrfValidationListener.php b/src/Symfony/Component/Form/Extension/Csrf/EventListener/CsrfValidationListener.php
index 345a7ea9a9..976312f78f 100644
--- a/src/Symfony/Component/Form/Extension/Csrf/EventListener/CsrfValidationListener.php
+++ b/src/Symfony/Component/Form/Extension/Csrf/EventListener/CsrfValidationListener.php
@@ -68,7 +68,9 @@ class CsrfValidationListener implements EventSubscriberInterface
                 $form->addError(new FormError('The CSRF token is invalid. Please try to resubmit the form.'));
             }
 
-            unset($data[$this->fieldName]);
+            if (is_array($data)) {
+                unset($data[$this->fieldName]);
+            }
         }
 
         $event->setData($data);
diff --git a/src/Symfony/Component/Form/Tests/Extension/Csrf/EventListener/CsrfValidationListenerTest.php b/src/Symfony/Component/Form/Tests/Extension/Csrf/EventListener/CsrfValidationListenerTest.php
new file mode 100644
index 0000000000..65d649ab86
--- /dev/null
+++ b/src/Symfony/Component/Form/Tests/Extension/Csrf/EventListener/CsrfValidationListenerTest.php
@@ -0,0 +1,78 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Tests\Extension\Csrf\EventListener;
+
+use Symfony\Component\Form\FormEvent;
+use Symfony\Component\Form\FormBuilder;
+use Symfony\Component\Form\Extension\Csrf\EventListener\CsrfValidationListener;
+
+class CsrfValidationListenerTest extends \PHPUnit_Framework_TestCase
+{
+    protected $dispatcher;
+    protected $factory;
+    protected $csrfProvider;
+
+    protected function setUp()
+    {
+        if (!class_exists('Symfony\Component\EventDispatcher\EventDispatcher')) {
+            $this->markTestSkipped('The "EventDispatcher" component is not available');
+        }
+
+        $this->dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface');
+        $this->factory = $this->getMock('Symfony\Component\Form\FormFactoryInterface');
+        $this->csrfProvider = $this->getMock('Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface');
+        $this->form = $this->getBuilder('post')
+            ->setDataMapper($this->getDataMapper())
+            ->getForm();
+    }
+
+    protected function tearDown()
+    {
+        $this->dispatcher = null;
+        $this->factory = null;
+        $this->csrfProvider = null;
+        $this->form = null;
+    }
+
+    protected function getBuilder($name = 'name')
+    {
+        return new FormBuilder($name, null, $this->dispatcher, $this->factory, array('compound' => true));
+    }
+
+    protected function getForm($name = 'name')
+    {
+        return $this->getBuilder($name)->getForm();
+    }
+
+    protected function getDataMapper()
+    {
+        return $this->getMock('Symfony\Component\Form\DataMapperInterface');
+    }
+
+    protected function getMockForm()
+    {
+        return $this->getMock('Symfony\Component\Form\Tests\FormInterface');
+    }
+
+    // https://github.com/symfony/symfony/pull/5838
+    public function testStringFormData()
+    {
+        $data = "XP4HUzmHPi";
+        $event = new FormEvent($this->form, $data);
+
+        $validation = new CsrfValidationListener('csrf', $this->csrfProvider, 'unknown');
+        $validation->preBind($event);
+
+        // Validate accordingly
+        $this->assertSame($data, $event->getData());
+    }
+}