diff --git a/Controller/UploadController.php b/Controller/UploadController.php
index dd81da810b2321b6976ee717d126ea80be066dea..ea29e3a74329ce992c666e466bd25d67519a3157 100644
--- a/Controller/UploadController.php
+++ b/Controller/UploadController.php
@@ -28,6 +28,8 @@ use Symfony\Component\Routing\RouterInterface;
  */
 class UploadController extends Controller
 {
+    const CSRF_INTENTION = "file_upload";
+
     /**
      *
      * @var FileManagerInterface
@@ -66,7 +68,7 @@ class UploadController extends Controller
         $file = $this->fileManager->create($data['name'], $data['size'], $data['type'], $data['lastModified']);
-        $token = $this->csrfProvider->generateCsrfToken("file-upload");
+        $token = $this->csrfProvider->generateCsrfToken(self::CSRF_INTENTION);
         $location = $this->router->generate(
             'file_upload_put',
@@ -206,8 +208,8 @@ class UploadController extends Controller
      */
     protected function validateToken(Request $request)
     {
-        if(!$this->csrfProvider->isCsrfTokenValid("file-upload", $request->query->get('token', null))) {
-            throw new HttpException(Response::HTTP_FORBIDDEN, 'Invalid token');
+        if(!$this->csrfProvider->isCsrfTokenValid(self::CSRF_INTENTION, $request->query->get('token', null))) {
+            throw new HttpException(Response::HTTP_FORBIDDEN, 'Invalid CSRF token');
         }
     }
diff --git a/Form/Type/FileUploadType.php b/Form/Type/FileUploadType.php
index 061a2a40e26bf9d264c78c064628b00af56dc871..4204500ec0c880316d8a650dd37165e9bf37cc95 100644
--- a/Form/Type/FileUploadType.php
+++ b/Form/Type/FileUploadType.php
@@ -9,6 +9,7 @@ namespace Irstea\FileUploadBundle\Form\Type;
 use Irstea\FileUploadBundle\Service\FileManagerInterface;
 use Symfony\Component\Form\AbstractType;
+use Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface;
 use Symfony\Component\Form\FormInterface;
 use Symfony\Component\Form\FormView;
 use Symfony\Component\OptionsResolver\OptionsResolverInterface;
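Review bot: Introducing `CSRF_INTENTION` also changes the intention string from `"file-upload"` to `"file_upload"`, and if the provider derives the token from the intention (as Symfony's default CSRF provider does) every token issued before deploy becomes invalid, so uploads in flight at that moment will hit the 403 in `validateToken`; this deserves a mention in the commit message. The constant is also consumed from `FileUploadType` in the second file, so give it a docblock naming that shared use: `/** CSRF intention shared by the upload form type and the upload endpoints. */`. If the project's PHP version allows it, declare the visibility explicitly (`public const`), since the cross-file reference makes the constant part of the controller's public surface.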
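Review bot: `validateToken` still reads the CSRF token from the query string (`$request->query->get('token', null)`), so the token ends up in access logs, proxy logs, browser history and outgoing Referer headers; the commit tightens the error message but leaves the transport unchanged. Prefer carrying the token in a request header or the request body of the PUT and accept the query parameter only if the client cannot be changed. The `null` default is redundant, `$request->query->get('token')` already yields null when the parameter is absent. The generate side in the hunk above now uses the same `self::CSRF_INTENTION`, so the two sides stay consistent.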
@@ -30,10 +31,21 @@ class FileUploadType extends AbstractType
      */
     private $fileManager;
-    public function __construct(Router $router, FileManagerInterface $fileManager)
+    /**
+     * @var CsrfProviderInterface
+     */
+    protected $csrfProvider;
+
+    /**
+     *
+     * @param Router $router
+     * @param FileManagerInterface $fileManager
+     */
+    public function __construct(Router $router, FileManagerInterface $fileManager, CsrfProviderInterface $csrfProvider)
     {
         $this->router = $router;
         $this->fileManager = $fileManager;
+        $this->csrfProvider = $csrfProvider;
     }
     public function buildView(FormView $view, FormInterface $form, array $options)
@@ -53,6 +65,7 @@ class FileUploadType extends AbstractType
                 'multiple' => false,
             ]
         );
+        $view->vars['csrfToken'] = $this->csrfProvider->generateCsrfToken(UploadController::CSRF_INTENTION);
     }
     protected function getWidgetDefaults()
diff --git a/Resources/config/services.yml b/Resources/config/services.yml
index a926211f7a89ad48a24ed1f3a62b7061a406abf3..ba76ea515941f40b4ea6a1e93b512b257c99694e 100644
--- a/Resources/config/services.yml
+++ b/Resources/config/services.yml
@@ -36,6 +36,7 @@ services:
         arguments:
             - @router
             - @irstea_file_upload.file_manager
+            - @form.csrf_provider
         tags:
            - { name: form.type, alias: file_upload }
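Review bot: The new constructor docblock documents `@param Router $router` and `@param FileManagerInterface $fileManager` but omits the parameter this commit adds; add `@param CsrfProviderInterface $csrfProvider`. The new property is declared `protected $csrfProvider` while the sibling `$fileManager` visible just above is `private`; unless subclasses are meant to reach the provider, `private` keeps the three collaborators consistent. Since the constructor signature grows, any code that instantiates `FileUploadType` directly (tests included) must now pass the third argument; the services.yml hunk covers only the container definition.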
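Review bot: `buildView` now references `UploadController::CSRF_INTENTION` unqualified, but the only import this commit adds to `FileUploadType.php` (hunk `@@ -9,6 +9,7 @@`) is `CsrfProviderInterface`; inside namespace `Irstea\FileUploadBundle\Form\Type` that name resolves to a class in the same namespace and fails at runtime unless an import of the controller class (presumably `Irstea\FileUploadBundle\Controller\UploadController`) already exists outside the hunk. Either add that `use` line, or move the intention constant out of the controller into a class both the form type and the controller can depend on, so the form layer stops depending on the controller layer. The enclosing `buildView` method starts outside the hunk.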