Static caching with inlined forms

Mykolas Mankevicius


Notice: the {{ errors }} and {{ success }} tags won't work with this. As you're redirecting back to the same static page. Best options for this is to have basic html validation for the fields, and on success redirect to a success page.


  1. Copy the "DynamicToken" folder contents to your Statamic site/addons directory
  2. Run php please update:addons to load the addons dependencies.


You can configure the addon by visiting CP > Addons > Dynamic Token:

  • Refresh interval - an interval for updating your csrf token every n minutes.
  • CSS Selector - If you want to change the default selector, note this will break {{ form:create }}.


  • disable CSRF verification by adding /!/DynamicToken to the csrf_exclude array in site/settings/system.yaml. Don't worry we check that the referrer is comming from your APP_URL, but this still carries its own risks.
  • add a {{ dynamic_token }} to your layout file just before </body> tag.
  • add an APP_URL=<your_site_url> to your .env file. local development: APP_URL=localhost


<!DOCTYPE html>
<html lang="en">
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <title>Dynamic Token</title>

    {{ form:create in="superfans" }}
        {{ fields }}
            <label>{{ display }}
                <input type="text" name="{{ field }}" value="{{ old }}" />
        {{ /fields }}
    {{ /form:create }}

    {{ dynamic_token }}



Icons made by Freepik from

MIT License