Burp Suite User Forum

Login to post

any way to bypass preflighted XHR request in a CSRF attack?

Zonduhackerone | Last updated: Dec 09, 2019 11:20AM UTC

Hello, i found a website where they have as a CSRF protection CORS and a short custom header (without token - just a header that is for all users). i found a way to bypass the CORS protection but when trying to reproduce the vulnerability i need to add the custom header too. The header is like --> something: v2 So it doesn't have a token or anything, but when adding it in the XHR PoC generated by burp suite pro i get the request preflighted and going as OPTIONS. is there any way to bypass this? I think there is a way because if not, all websites should add a small custom header in all requests to be protected against CSRF.

Mike, PortSwigger Agent | Last updated: Dec 10, 2019 10:26AM UTC

Hi, Could you clarify if you are asking if there is any way to prevent the Preflight Request when submitting the XHR PoC from the browser?

You need to Log in to post a reply. Or register here, for free.