/** * Adds a CSRF field to the root form view. * * @param FormView $view The form view * @param FormInterface $form The form */ public function finishView(FormViewInterface $view, FormInterface $form, array $options) { if ($options['csrf_protection'] && !$view->hasParent() && $options['compound']) { $factory = $form->getConfig()->getAttribute('csrf_factory'); $data = $options['csrf_provider']->generateCsrfToken($options['intention']); $csrfForm = $factory->createNamed($options['csrf_field_name'], 'hidden', $data, array('mapped' => false)); $view->add($csrfForm->createView($view)); } }