Hello 42C Team,
I would like to understand the logic behind the ‘Accept’ and ‘Content-Type’ headers in the 42Crunch Conformance Scan. Specifically, how does 42Crunch choose the ‘Accept’ header for fuzz testing?
Hi Waztech 
I think the Accept header is chosen based on the media type defined for the corresponding response. Not sure if that’s included in the scope of the Conformance Scan fuzzing though.
Do you have a particular scenario you are testing?
Hi Anthony,
Thanks for your response and understood it
Scenario:
My API produces text/plain and consumes application/json. In the conformance scan, I noticed that the cURL request includes the Accept header as text/plain.
That’s why I wanted to know about this logic.
1 Like