symfony
diff --git a/‎src/Symfony/Bridge/Twig/Extension/FormExtension.php
Copy file name to clipboardExpand all lines: src/Symfony/Bridge/Twig/Extension/FormExtension.php
+33-1Lines changed: 33 additions & 1 deletion b/‎src/Symfony/Bridge/Twig/Extension/FormExtension.php
Copy file name to clipboardExpand all lines: src/Symfony/Bridge/Twig/Extension/FormExtension.php
+33-1Lines changed: 33 additions & 1 deletion
diff --git a/‎src/Symfony/Bundle/TwigBundle/Resources/config/twig.xml
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/TwigBundle/Resources/config/twig.xml
+1Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/TwigBundle/Resources/config/twig.xml
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/TwigBundle/Resources/config/twig.xml
+1Lines changed: 1 addition & 0 deletions
diff --git a/‎tests/Symfony/Tests/Bridge/Twig/Extension/FormExtensionDivLayoutTest.php
Copy file name to clipboardExpand all lines: tests/Symfony/Tests/Bridge/Twig/Extension/FormExtensionDivLayoutTest.php
+1-1Lines changed: 1 addition & 1 deletion b/‎tests/Symfony/Tests/Bridge/Twig/Extension/FormExtensionDivLayoutTest.php
Copy file name to clipboardExpand all lines: tests/Symfony/Tests/Bridge/Twig/Extension/FormExtensionDivLayoutTest.php
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎tests/Symfony/Tests/Bridge/Twig/Extension/FormExtensionTableLayoutTest.php
Copy file name to clipboardExpand all lines: tests/Symfony/Tests/Bridge/Twig/Extension/FormExtensionTableLayoutTest.php
+1-1Lines changed: 1 addition & 1 deletion b/‎tests/Symfony/Tests/Bridge/Twig/Extension/FormExtensionTableLayoutTest.php
Copy file name to clipboardExpand all lines: tests/Symfony/Tests/Bridge/Twig/Extension/FormExtensionTableLayoutTest.php
+1-1Lines changed: 1 addition & 1 deletion
@@ -14,6 +14,7 @@
 use Symfony\Bridge\Twig\TokenParser\FormThemeTokenParser;
 use Symfony\Component\Form\FormView;
 use Symfony\Component\Form\Exception\FormException;
+use Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface;
 use Symfony\Component\Form\Util\FormUtil;
 
 /**
@@ -24,15 +25,17 @@
  */
 class FormExtension extends \Twig_Extension
 {
+    protected $csrfProvider;
     protected $resources;
     protected $blocks;
     protected $environment;
     protected $themes;
     protected $varStack;
     protected $template;
 
-    public function __construct(array $resources = array())
+    public function __construct(CsrfProviderInterface $csrfProvider, array $resources = array())
     {
+        $this->csrfProvider = $csrfProvider;
         $this->themes = new \SplObjectStorage();
         $this->varStack = array();
         $this->blocks = new \SplObjectStorage();
@@ -81,6 +84,7 @@ public function getFunctions()
             'form_label'               => new \Twig_Function_Method($this, 'renderLabel', array('is_safe' => array('html'))),
             'form_row'                 => new \Twig_Function_Method($this, 'renderRow', array('is_safe' => array('html'))),
             'form_rest'                => new \Twig_Function_Method($this, 'renderRest', array('is_safe' => array('html'))),
+            'csrf_token'               => new \Twig_Function_Method($this, 'getCsrfToken'),
             '_form_is_choice_group'    => new \Twig_Function_Method($this, 'isChoiceGroup', array('is_safe' => array('html'))),
             '_form_is_choice_selected' => new \Twig_Function_Method($this, 'isChoiceSelected', array('is_safe' => array('html'))),
         );
@@ -269,6 +273,34 @@ protected function render(FormView $view, $section, array $variables = array())
         ));
     }
 
+    /**
+     * Returns a CSRF token.
+     *
+     * Use this helper for CSRF protection without the overhead of creating a
+     * form.
+     *
+     * <code>
+     * <input type="hidden" name="token" value="{{ csrf_token('rm_user_' ~ user.id) }}">
+     * </code>
+     *
+     * Check the token in your action using the same intention.
+     *
+     * <code>
+     * $csrfProvider = $this->get('form.csrf_provider');
+     * if (!$csrfProvider->isCsrfTokenValid('rm_user_'.$user->getId(), $token)) {
+     *     throw new \RuntimeException('CSRF attack detected.');
+     * }
+     * </code>
+     *
+     * @param string $intention The intention of the protected action
+     *
+     * @return string A CSRF token
+     */
+    public function getCsrfToken($intention)
+    {
+        return $this->csrfProvider->generateCsrfToken($intention);
+    }
+
     /**
      * Returns the name of the extension.
      *
 
@@ -75,6 +75,7 @@
 
         <service id="twig.extension.form" class="%twig.extension.form.class%" public="false">
             <tag name="twig.extension" />
+            <argument type="service" id="form.csrf_provider" />
             <argument>%twig.form.resources%</argument>
         </service>
 
 
@@ -38,7 +38,7 @@ protected function setUp()
             __DIR__,
         ));
 
-        $this->extension = new FormExtension(array(
+        $this->extension = new FormExtension($this->getMock('Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface'), array(
             'form_div_layout.html.twig',
             'custom_widgets.html.twig',
         ));
 
@@ -38,7 +38,7 @@ protected function setUp()
             __DIR__,
         ));
 
-        $this->extension = new FormExtension(array(
+        $this->extension = new FormExtension($this->getMock('Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface'), array(
             'form_table_layout.html.twig',
             'custom_widgets.html.twig',
         ));