diff --git a/site/plugins/form/app/Controllers/FormController.php b/site/plugins/form/app/Controllers/FormController.php
index 4302071d..ecc2f8d1 100644
--- a/site/plugins/form/app/Controllers/FormController.php
+++ b/site/plugins/form/app/Controllers/FormController.php
@@ -591,10 +591,11 @@ class FormController extends Controller
      */
     protected function _csrfHiddenField() : string
     {
-        $field  = '<input type="hidden" name="' . $this->flextype['csrf']->getTokenNameKey() . '" value="' . $this->flextype['csrf']->getTokenName() . '">';
-        $field .= '<input type="hidden" name="' . $this->flextype['csrf']->getTokenValueKey() . '" value="' . $this->flextype['csrf']->getTokenValue() . '">';
-
-        return $field;
+        return $this->flextype['view']->fetch('plugins/form/templates/fields/hidden-csrf/field.html',
+                           ['getTokenNameKey' => $this->flextype['csrf']->getTokenNameKey(),
+                            'getTokenName' => $this->flextype['csrf']->getTokenName(),
+                            'getTokenValueKey' => $this->flextype['csrf']->getTokenValueKey(),
+                            'getTokenValue' => $this->flextype['csrf']->getTokenValue()]);
     }
 
     /**
diff --git a/site/plugins/form/templates/fields/hidden-csrf/field.html b/site/plugins/form/templates/fields/hidden-csrf/field.html
new file mode 100644
index 00000000..95b4d09f
--- /dev/null
+++ b/site/plugins/form/templates/fields/hidden-csrf/field.html
@@ -0,0 +1,2 @@
+<input type="hidden" name="{{ getTokenNameKey }}" value="{{ getTokenName }}">
+<input type="hidden" name="{{ getTokenValueKey }}" value="{{ getTokenValue }}">
\ No newline at end of file