diff --git a/javascript/GridField.js b/javascript/GridField.js
index e45055ee2..19f162295 100644
--- a/javascript/GridField.js
+++ b/javascript/GridField.js
@@ -253,12 +253,18 @@
 		 */
 		$('.ss-gridfield .action.no-ajax').entwine({
 			onclick: function(e){
-				var self = this, btn = this.closest(':button'), grid = this.getGridField(), 
-					form = this.closest('form'), data = form.find(':input.gridstate').serialize();
+				var self = this, btn = this.closest(':button'), grid = this.getGridField(),
+					form = this.closest('form'), data = form.find(':input.gridstate').serialize(),
+					csrf = form.find('input[name="SecurityID"]').val();
 
 				// Add current button
 				data += "&" + encodeURIComponent(btn.attr('name')) + '=' + encodeURIComponent(btn.val());
 
+				// Add csrf
+				if(csrf) {
+					data += "&SecurityID=" + encodeURIComponent(csrf);
+				}
+
 				// Include any GET parameters from the current URL, as the view
 				// state might depend on it. For example, a list pre-filtered
 				// through external search criteria might be passed to GridField.