From 6092c5cbe30f12b15de47d4b74da55a610142ae0 Mon Sep 17 00:00:00 2001
From: Nicolas Grekas <nicolas.grekas@gmail.com>
Date: Wed, 15 Jan 2025 17:34:52 +0100
Subject: [PATCH] Force auto-generated CSRF token id

---
 src/Factory/FormFactory.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/Factory/FormFactory.php b/src/Factory/FormFactory.php
index b6193a3928..a19242ef5f 100644
--- a/src/Factory/FormFactory.php
+++ b/src/Factory/FormFactory.php
@@ -35,6 +35,7 @@ public function createEditFormBuilder(EntityDto $entityDto, KeyValueStore $formO
         $formOptions->set('attr.class', trim(($formOptions->get('attr.class') ?? '').' '.$cssClass));
         $formOptions->set('attr.id', sprintf('edit-%s-form', $entityDto->getName()));
         $formOptions->set('entityDto', $entityDto);
+        $formOptions->set('csrf_token_id', '');
         $formOptions->setIfNotSet('translation_domain', $context->getI18n()->getTranslationDomain());
 
         return $this->symfonyFormFactory->createNamedBuilder($entityDto->getName(), CrudFormType::class, $entityDto->getInstance(), $formOptions->all());
@@ -51,6 +52,7 @@ public function createNewFormBuilder(EntityDto $entityDto, KeyValueStore $formOp
         $formOptions->set('attr.class', trim(($formOptions->get('attr.class') ?? '').' '.$cssClass));
         $formOptions->set('attr.id', sprintf('new-%s-form', $entityDto->getName()));
         $formOptions->set('entityDto', $entityDto);
+        $formOptions->set('csrf_token_id', '');
         $formOptions->setIfNotSet('translation_domain', $context->getI18n()->getTranslationDomain());
 
         return $this->symfonyFormFactory->createNamedBuilder($entityDto->getName(), CrudFormType::class, $entityDto->getInstance(), $formOptions->all());