From 31fb5b84c75b8178cbf6f9b8a9de9985fe4f78f1 Mon Sep 17 00:00:00 2001
From: Tobias Schultze <webmaster@tubo-world.de>
Date: Mon, 28 Oct 2013 10:38:19 +0100
Subject: [PATCH] update framework csrf configuration

https://github.com/symfony/symfony/pull/9252
---
 reference/configuration/framework.rst | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/reference/configuration/framework.rst b/reference/configuration/framework.rst
index 05d707e370d..01752fbe950 100644
--- a/reference/configuration/framework.rst
+++ b/reference/configuration/framework.rst
@@ -20,11 +20,14 @@ Configuration
 * `ide`_
 * `test`_
 * `trusted_proxies`_
-* `form`_
-    * enabled
 * `csrf_protection`_
     * enabled
-    * field_name
+    * field_name (deprecated)
+* `form`_
+    * enabled
+    * csrf_protection
+        * enabled
+        * field_name
 * `session`_
     * `name`_
     * `cookie_lifetime`_
@@ -452,12 +455,16 @@ Full Default Configuration
             test:                 ~
             default_locale:       en
 
+            csrf_protection:
+                enabled:              false
+                field_name:           _token # Deprecated since 2.4, to be removed in 3.0. Use form.csrf_protection.field_name instead
+
             # form configuration
             form:
                 enabled:              false
-            csrf_protection:
-                enabled:              false
-                field_name:           _token
+                csrf_protection:
+                    enabled:              true
+                    field_name:           ~
 
             # esi configuration
             esi: