Problem generating a CSRF PoC
I understand how basic CSRF works and I have reported some CSRF issues to some bug bounty programs in the past, but I have encountered this issue that I don't know what to do about.
I get this little message when trying to generate a CSRF PoC on a POST request without csrf token or headers:
> Warning: The CSRF form uses a different encoding type than the original request, and so the application may not process the request in the way required. Further, the CSRF form uses plain text encoding, and the request body cannot be exactly reproduced because it does not contain the = character. Try modifying the original request so that the body contains the = character.
Where exactly should I add the = character if the original request looks like this, example:
I have tried all forms of the CSRF PoC generator and all of them didn't work.
Hope you can help me, thanks.
Looking at the source code, it appears this error message is raised when the encoding type specified by the Content-Type header is unable to be determined, or if it is different to the Encoding Type specified in the user interface panel.
Is what you have selected in the user interface different from what is specified in the Content-Type header of the request?