Hi
In our application we have three pages where in we fill the form and submit it.
Recently we introduced CSRF token on all the pages and this has caused all the form related tests to fail.
I thought it could be that the element has changed and tried to use other way of using the xpath but didnt help.
Then realised that the form has to be submitted along with the CSRF token hidden in the HTML.
So all I need from you guys is could someone tell me if anyone had similar probelm with CSRF tokens (while submitting forms) and if so how did you capture the csrf token and send it in the request headers along with the post.
I know that normally we can modify headers using modify_headers.xpi (firefox extension). I want to see if there is an easy way to do this.
FYI: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet
