diff --git a/app/Resources/static/themes/material/js/shortcuts/entry.js b/app/Resources/static/themes/material/js/shortcuts/entry.js
index a8cbd787a..3c84e4c6b 100644
--- a/app/Resources/static/themes/material/js/shortcuts/entry.js
+++ b/app/Resources/static/themes/material/js/shortcuts/entry.js
@@ -10,7 +10,7 @@ $(document).ready(() => {
 
     /* mark as favorite */
     Mousetrap.bind('f', () => {
-      $('ul.side-nav a.favorite i')[0].click();
+      $('ul.side-nav button.favorite i')[0].click();
     });
 
     /* mark as read */
diff --git a/src/Wallabag/CoreBundle/Controller/EntryController.php b/src/Wallabag/CoreBundle/Controller/EntryController.php
index 10c50a071..4032c5c73 100644
--- a/src/Wallabag/CoreBundle/Controller/EntryController.php
+++ b/src/Wallabag/CoreBundle/Controller/EntryController.php
@@ -467,12 +467,16 @@ class EntryController extends AbstractController
     /**
      * Changes starred status for an entry.
      *
-     * @Route("/star/{id}", requirements={"id" = "\d+"}, name="star_entry")
+     * @Route("/star/{id}", name="star_entry", methods={"POST"}, requirements={"id" = "\d+"})
      *
      * @return RedirectResponse
      */
     public function toggleStarAction(Request $request, Entry $entry)
     {
+        if (!$this->isCsrfTokenValid('star-entry', $request->request->get('token'))) {
+            throw new BadRequestHttpException('Bad CSRF token.');
+        }
+
         $this->checkUserAction($entry);
 
         $entry->toggleStar();
diff --git a/src/Wallabag/CoreBundle/Resources/views/Entry/_card_actions.html.twig b/src/Wallabag/CoreBundle/Resources/views/Entry/_card_actions.html.twig
index 376d7875c..bd6f7f2b9 100644
--- a/src/Wallabag/CoreBundle/Resources/views/Entry/_card_actions.html.twig
+++ b/src/Wallabag/CoreBundle/Resources/views/Entry/_card_actions.html.twig
@@ -23,7 +23,13 @@
             </form>
         </li>
         <li>
-            <a title="{{ 'entry.list.toogle_as_star'|trans }}" class="tool grey-text" href="{{ path('star_entry', {'id': entry.id, redirect: current_path}) }}" data-action="star" data-entry-id="{{ entry.id }}"><i class="material-icons">{% if entry.isStarred == 0 %}star_border{% else %}star{% endif %}</i></a>
+            <form action="{{ path('star_entry', {'id': entry.id, redirect: current_path}) }}" method="post" class="inline-block">
+                <input type="hidden" name="token" value="{{ csrf_token('star-entry') }}"/>
+
+                <button type="submit" class="btn-link tool grey-text" title="{{ 'entry.list.toogle_as_star'|trans }}">
+                    <i class="material-icons">{% if entry.isStarred == 0 %}star_border{% else %}star{% endif %}</i>
+                </button>
+            </form>
         </li>
         <li>
             <a title="{{ 'entry.list.delete'|trans }}" onclick="return confirm('{{ 'entry.confirm.delete'|trans|escape('js') }}')" data-action-confirm="{{ 'entry.confirm.delete'|trans }}" class="tool grey-text delete" href="{{ path('delete_entry', {'id': entry.id, redirect: current_path}) }}" data-action="delete" data-entry-id="{{ entry.id }}"><i class="material-icons">delete</i></a>
diff --git a/src/Wallabag/CoreBundle/Resources/views/Entry/_card_list.html.twig b/src/Wallabag/CoreBundle/Resources/views/Entry/_card_list.html.twig
index e39d54cf8..cd1ff7df6 100644
--- a/src/Wallabag/CoreBundle/Resources/views/Entry/_card_list.html.twig
+++ b/src/Wallabag/CoreBundle/Resources/views/Entry/_card_list.html.twig
@@ -22,7 +22,13 @@
                     <i class="material-icons">{% if entry.isArchived == 0 %}done{% else %}unarchive{% endif %}</i>
                 </button>
             </form>
-            <a title="{{ 'entry.list.toogle_as_star'|trans }}" class="tool grey-text" href="{{ path('star_entry', {'id': entry.id, redirect: current_path}) }}"><i class="material-icons">{% if entry.isStarred == 0 %}star_border{% else %}star{% endif %}</i></a>
+            <form action="{{ path('star_entry', {'id': entry.id, redirect: current_path}) }}" method="post" class="inline-block">
+                <input type="hidden" name="token" value="{{ csrf_token('star-entry') }}"/>
+
+                <button type="submit" class="btn-link tool grey-text" title="{{ 'entry.list.toogle_as_star'|trans }}">
+                    <i class="material-icons">{% if entry.isStarred == 0 %}star_border{% else %}star{% endif %}</i>
+                </button>
+            </form>
             <a title="{{ 'entry.list.delete'|trans }}" onclick="return confirm('{{ 'entry.confirm.delete'|trans|escape('js') }}')" class="tool grey-text delete" href="{{ path('delete_entry', {'id': entry.id, redirect: current_path}) }}"><i class="material-icons">delete</i></a>
         </li>
     </ul>
diff --git a/src/Wallabag/CoreBundle/Resources/views/Entry/entry.html.twig b/src/Wallabag/CoreBundle/Resources/views/Entry/entry.html.twig
index cec681957..4aaa006bf 100644
--- a/src/Wallabag/CoreBundle/Resources/views/Entry/entry.html.twig
+++ b/src/Wallabag/CoreBundle/Resources/views/Entry/entry.html.twig
@@ -35,9 +35,13 @@
                     </form>
                 </li>
                 <li>
-                    <a class="waves-effect" title="{{ 'entry.view.left_menu.set_as_starred'|trans }}" href="{{ path('star_entry', {'id': entry.id, redirect: current_path}) }}" id="setFav">
-                        <i class="material-icons small">{% if entry.isStarred == 0 %}star_outline{% else %}star{% endif %}</i>
-                    </a>
+                    <form action="{{ path('star_entry', {'id': entry.id, redirect: current_path}) }}" method="post" class="inline-block">
+                        <input type="hidden" name="token" value="{{ csrf_token('star-entry') }}"/>
+
+                        <button type="submit" class="waves-effect" title="{{ 'entry.view.left_menu.set_as_starred'|trans }}">
+                            <i class="material-icons small">{% if entry.isStarred == 0 %}star_outline{% else %}star{% endif %}</i>
+                        </button>
+                    </form>
                 </li>
             </ul>
         </div>
@@ -89,10 +93,14 @@
         </li>
 
         <li class="bold hide-on-med-and-down">
-            <a class="waves-effect collapsible-header favorite" title="{{ 'entry.view.left_menu.set_as_starred'|trans }}" href="{{ path('star_entry', {'id': entry.id, redirect: current_path}) }}" id="setFav">
-                <i class="material-icons spall">{% if entry.isStarred == 0 %}star_outline{% else %}star{% endif %}</i>
-                <span>{{ 'entry.view.left_menu.set_as_starred'|trans }}</span>
-            </a>
+            <form action="{{ path('star_entry', {'id': entry.id, redirect: current_path}) }}" method="post">
+                <input type="hidden" name="token" value="{{ csrf_token('star-entry') }}"/>
+
+                <button type="submit" class="waves-effect collapsible-header favorite" title="{{ 'entry.view.left_menu.set_as_starred'|trans }}">
+                    <i class="material-icons spall">{% if entry.isStarred == 0 %}star_outline{% else %}star{% endif %}</i>
+                    <span>{{ 'entry.view.left_menu.set_as_starred'|trans }}</span>
+                </button>
+            </form>
             <div class="collapsible-body"></div>
         </li>
         <li class="bold border-bottom">
@@ -321,7 +329,15 @@
                       </button>
                   </form>
               </li>
-              <li><a class="btn-floating" href="{{ path('star_entry', {'id': entry.id, redirect: current_path}) }}"><i class="material-icons">{% if entry.isStarred == 0 %}star_outline{% else %}star{% endif %}</i></a></li>
+              <li>
+                  <form action="{{ path('star_entry', {'id': entry.id, redirect: current_path}) }}" method="post" class="inline-block">
+                      <input type="hidden" name="token" value="{{ csrf_token('star-entry') }}"/>
+
+                      <button type="submit" class="btn-floating">
+                          <i class="material-icons">{% if entry.isStarred == 0 %}star_outline{% else %}star{% endif %}</i>
+                      </button>
+                  </form>
+              </li>
               <li><a class="btn-floating" href="{{ path('delete_entry', {'id': entry.id, redirect: current_path}) }}" onclick="return confirm('{{ 'entry.confirm.delete'|trans|escape('js') }}')"><i class="material-icons">delete</i></a></li>
             </ul>
         </div>
diff --git a/tests/Wallabag/CoreBundle/Controller/EntryControllerTest.php b/tests/Wallabag/CoreBundle/Controller/EntryControllerTest.php
index 83b481560..5d1c74b46 100644
--- a/tests/Wallabag/CoreBundle/Controller/EntryControllerTest.php
+++ b/tests/Wallabag/CoreBundle/Controller/EntryControllerTest.php
@@ -670,7 +670,9 @@ class EntryControllerTest extends WallabagCoreTestCase
         $this->getEntityManager()->flush();
         $this->getEntityManager()->clear();
 
-        $client->request('GET', '/star/' . $entry->getId());
+        $crawler = $client->request('GET', '/view/' . $entry->getId());
+
+        $client->submit($crawler->filter('.left-bar')->selectButton('entry.view.left_menu.set_as_starred')->form());
 
         $this->assertSame(302, $client->getResponse()->getStatusCode());