|
# CSRF
|
|
|
|
## Protection
|
|
|
|
* May be a hidden field with an encoded value
|
|
```html
|
|
<input type="hidden" name="csrf_protect" value="eyJk..n0=">
|
|
```
|
|
* This field need to be removed in order to do some csrf shenanigans
|
|
* Decode the value to reproduce some valid content.
|
|
|