diff --git a/actionpack/lib/action_view/helpers/csrf_helper.rb b/actionpack/lib/action_view/helpers/csrf_helper.rb
index 2d6af52180..6f98bd4573 100644
--- a/actionpack/lib/action_view/helpers/csrf_helper.rb
+++ b/actionpack/lib/action_view/helpers/csrf_helper.rb
@@ -4,7 +4,7 @@ module ActionView
       # Returns a meta tag with the request forgery protection token for forms to use. Put this in your head.
       def csrf_meta_tag
         if protect_against_forgery?
-          %(<meta name="csrf-token" content="#{Rack::Utils.escape(form_authenticity_token)}"/>).html_safe
+          %(<meta name="csrf-param" content="#{Rack::Utils.escape(request_forgery_protection_token)}"/>\n<meta name="csrf-token" content="#{Rack::Utils.escape(form_authenticity_token)}"/>).html_safe
         end
       end
     end
diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb
index 55c21bc84a..77d07d8eeb 100644
--- a/actionpack/test/controller/request_forgery_protection_test.rb
+++ b/actionpack/test/controller/request_forgery_protection_test.rb
@@ -218,7 +218,7 @@ class RequestForgeryProtectionControllerTest < ActionController::TestCase
 
   test 'should emit a csrf-token meta tag' do
     get :meta
-    assert_equal %(<meta name="csrf-token" content="#{@token}"/>), @response.body
+    assert_equal %(<meta name="csrf-param" content="authenticity_token"/>\n<meta name="csrf-token" content="#{@token}"/>), @response.body
   end
 end