CSRF via Content-Type

Current Session

Your current name: BrightHawk

Session ID: 7rc12iumouq7f8be4lqtaqvnjl

How to Test

You can update your name by sending a POST request to this endpoint with either an application/json or a text/plain Content-Type:

Example request:

POST /csrfContentType.php
Content-Type: text/plain

{"name": "NewName"}

Vulnerability

This endpoint accepts both application/json and text/plain content types. The text/plain content type can be sent via a top-level navigation, making it vulnerable to CSRF attacks even with SameSite cookies.
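As an added illustration (not the lab's own csrfContentType.php), the Python below models the lenient content-type check the page describes next to a hardened decision function that accepts only application/json and additionally inspects the browser's Origin and Sec-Fetch-Site headers. The request dictionaries, the allowed origin https://app.example and the attacker origin https://attacker.example are constructed for this example; the logic is framework-agnostic and would sit in front of the JSON body parser.

```python
"""Lenient vs. hardened handling of a JSON "update name" endpoint.

Added example, not the lab's own code.  Requests are plain dicts:
{"method": str, "headers": {name: value}, "body": bytes}.
"""
import json

# Assumption: the application's own origin(s).
ALLOWED_ORIGINS = {"https://app.example"}


def media_type(content_type):
    """Return the media type of a Content-Type header, lowercased, without parameters."""
    if not content_type:
        return ""
    return content_type.split(";", 1)[0].strip().lower()


def _parse_name_payload(body):
    """Return the name from a JSON object body, or None if the body is not acceptable."""
    try:
        data = json.loads(body.decode("utf-8"))
    except (UnicodeDecodeError, ValueError):
        return None
    if not isinstance(data, dict) or not isinstance(data.get("name"), str):
        return None
    return data["name"]


def lenient_accepts(request):
    """Behaviour the lab page describes: JSON body accepted under either media type.

    text/plain is one of the three encodings an HTML form can produce, so a
    cross-site form post / top-level navigation can reach the JSON parser.
    """
    headers = {k.lower(): v for k, v in request.get("headers", {}).items()}
    if request.get("method", "").upper() != "POST":
        return False
    if media_type(headers.get("content-type")) not in ("application/json", "text/plain"):
        return False
    return _parse_name_payload(request.get("body", b"")) is not None


def check_csrf(request):
    """Hardened decision: returns (ok, reason).

    1. Only application/json is parsed.  No HTML form can emit that media type,
       and a cross-origin fetch() with it triggers a CORS preflight, which this
       endpoint never answers.
    2. Sec-Fetch-Site, when present, must say same-origin (or none = user typed).
    3. Origin, when present, must be one of ours.
    The request is independent of cookie SameSite settings, which is the point.
    """
    headers = {k.lower(): v for k, v in request.get("headers", {}).items()}
    if request.get("method", "").upper() != "POST":
        return False, "method not allowed"
    if media_type(headers.get("content-type")) != "application/json":
        return False, "unsupported content type"
    site = headers.get("sec-fetch-site")
    if site is not None and site not in ("same-origin", "none"):
        return False, "cross-site request"
    origin = headers.get("origin")
    if origin is not None and origin not in ALLOWED_ORIGINS:
        return False, "origin not allowed"
    if _parse_name_payload(request.get("body", b"")) is None:
        return False, "invalid payload"
    return True, "ok"


# Constructed sample requests.
LAB_REQUEST = {  # the page's example, as a browser would deliver it cross-site
    "method": "POST",
    "headers": {"Content-Type": "text/plain",
                "Origin": "https://attacker.example",
                "Sec-Fetch-Site": "cross-site"},
    "body": b'{"name": "NewName"}',
}
SAME_ORIGIN_JSON = {
    "method": "POST",
    "headers": {"Content-Type": "application/json; charset=utf-8",
                "Origin": "https://app.example",
                "Sec-Fetch-Site": "same-origin"},
    "body": b'{"name": "NewName"}',
}
CROSS_SITE_JSON = {  # would be preflighted by the browser; rejected on arrival anyway
    "method": "POST",
    "headers": {"Content-Type": "application/json",
                "Origin": "https://attacker.example",
                "Sec-Fetch-Site": "cross-site"},
    "body": b'{"name": "NewName"}',
}


def run_samples():
    """Evaluate every constructed request under both policies."""
    samples = {"lab": LAB_REQUEST, "same_origin": SAME_ORIGIN_JSON, "cross_site": CROSS_SITE_JSON}
    return {name: (lenient_accepts(r), check_csrf(r)) for name, r in samples.items()}


if __name__ == "__main__":
    for name, (lenient, hardened) in run_samples().items():
        print(f"{name:12s} lenient={lenient!s:5s} hardened={hardened}")
```

Running it shows the lab's text/plain request passing the lenient check and being stopped by the hardened one on the media type alone; the Origin and Sec-Fetch-Site checks are defence in depth for browsers that send them, and a missing header is tolerated only so that non-browser clients with a valid JSON body still work.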