@@ -21,10 +21,10 @@ Configuration
2121* `test `_
2222* `trusted_proxies `_
2323* `form `_
24- * enabled
24+ *:ref: ` enabled < form-enabled >`
2525* `csrf_protection `_
26- * enabled
27- * field_name
26+ *:ref: ` enabled < csrf-protection-enabled >`
27+ *` field_name `_
2828* `session `_
2929 * `name `_
3030 * `cookie_lifetime `_
@@ -49,6 +49,7 @@ Configuration
4949 *:ref: `enabled <translator.enabled >`
5050 * `fallback `_
5151* `validation `_
52+ *:ref: `enabled <validation-enabled >`
5253 * `cache `_
5354 * `enable_annotations `_
5455 * `translation_domain `_
@@ -196,9 +197,37 @@ see :doc:`/cookbook/request/load_balancer_reverse_proxy`.
196197form
197198~~~~
198199
200+ .. _form-enabled :
201+
202+ enabled
203+ .......
204+
205+ **type **: ``boolean `` **default **: ``false ``
206+
207+ Whether or not to enable support for the Form component.
208+
199209csrf_protection
200210~~~~~~~~~~~~~~~
201211
212+ .. _csrf-protection-enabled :
213+
214+ enabled
215+ .......
216+
217+ **type **: ``boolean `` **default **: ``true `` if form support is enabled, ``false ``
218+ otherwise
219+
220+ This option can be used to disable CSRF protection of forms. You need to
221+ disable CSRF protection to be able to disable session. For example, this
222+ is useful when you only use forms in an API-only website.
223+
224+ field_name
225+ ..........
226+
227+ **type **: ``string `` **default **: ``"_token" ``
228+
229+ The name of the hidden field used to render the:ref: `CSRF token <forms-csrf >`.
230+
202231session
203232~~~~~~~
204233
@@ -524,6 +553,16 @@ For more details, see :doc:`/book/translation`.
524553validation
525554~~~~~~~~~~
526555
556+ .. _validation-enabled :
557+
558+ enabled
559+ .......
560+
561+ **type **: ``boolean `` **default **: ``true `` if:ref: `form support is enabled <form-enabled >`,
562+ ``false `` otherwise
563+
564+ Whether or not to enable validation support.
565+
527566cache
528567.....
529568