CSRF protection with Symfony

I'm unable to find Symfony documentation to activate CS开发者_高级运维RF protection in existent forms (with no protection).

I've set the csrf_protection with a token and so on, but forms are failing and I guess something is needed to work correctly.

Check that:

• There's an entry for it in settings.yml
• The CSRF token is rendered with the form in the template
• CSRF token is not disabled inside the form class (or its parents)

... that should work.

try rendering it manually in the template, it should be on by default. {{ form_widget(formName._token) }}

if this doesnt work try adding it to the form method setDefaultOptions

$resolver->setDefaults([
        'csrf_protection' => true
    ]);