Have a form fill working with NAM 4.0.1 HF1 that calls some JavaScript on
submit to instead send a POST via Ajax with post body as JSON.

This works just fine with auto submit form fill but as soon as I turn on
mask values it fails.

Have verified that JSON I am sending has the nov-ss-ff-masked values
substituted of regular username and password. Have tried adding a third
field with name and value as the hidden input field.

No matter what I try the backend server says "invalid password" as

Does anyone know if the rewriting of mask data only occurs for requests
with specific content-type headers? Or

If you find this post helpful and are logged into the web interface, show
your appreciation and click on the star below...