# CSRF

## Protection

* May be a hidden field with an encoded value
```html
    <input type="hidden" name="csrf_protect" value="eyJk..n0=">
```
* This field need to be removed in order to do some csrf shenanigans
* Decode the value to reproduce some valid content.