From 75b24a7632a692fce57562a5ce5c622d707866c8 Mon Sep 17 00:00:00 2001
From: Tom Van Looy <tom@ctors.net>
Date: Fri, 26 Jan 2018 12:13:10 +0100
Subject: [PATCH] Update form_csrf_caching.rst

---
 http_cache/form_csrf_caching.rst | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/http_cache/form_csrf_caching.rst b/http_cache/form_csrf_caching.rst
index 1acfe38ccc3..41aba4c0eab 100644
--- a/http_cache/form_csrf_caching.rst
+++ b/http_cache/form_csrf_caching.rst
@@ -36,7 +36,8 @@ Another option would be to load the form via an uncached AJAX request, but
 cache the rest of the HTML response.
 
 Or you can even load just the CSRF token with an AJAX request and replace the
-form field value with it.
+form field value with it. Take a look at :doc:`hinclude.js </templating/hinclude>`
+for a nice solution.
 
 .. _`Cross-site request forgery`: http://en.wikipedia.org/wiki/Cross-site_request_forgery
 .. _`Security CSRF Component`: https://github.com/symfony/security-csrf