diff --git a/web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java b/web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java
index 718ccdf41c..241ad767b6 100644
--- a/web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java
+++ b/web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java
@@ -151,7 +151,7 @@ public class CsrfWebFilter implements WebFilter {
 ServerHttpRequest request = exchange.getRequest();
 HttpHeaders headers = request.getHeaders();
 MediaType contentType = headers.getContentType();
- if (!contentType.includes(MediaType.MULTIPART_FORM_DATA)) {
+ if (!MediaType.MULTIPART_FORM_DATA.isCompatibleWith(contentType)) {
 return Mono.empty();
 }
 return exchange.getMultipartData().map((d) -> d.getFirst(expected.getParameterName())).cast(FormFieldPart.class)
diff --git a/web/src/test/java/org/springframework/security/web/server/csrf/CsrfWebFilterTests.java b/web/src/test/java/org/springframework/security/web/server/csrf/CsrfWebFilterTests.java
index e31c239219..aada7a4b62 100644
--- a/web/src/test/java/org/springframework/security/web/server/csrf/CsrfWebFilterTests.java
+++ b/web/src/test/java/org/springframework/security/web/server/csrf/CsrfWebFilterTests.java
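Review bot: In CsrfWebFilter.java, the unchanged line right after the new content-type check, `exchange.getMultipartData().map((d) -> d.getFirst(expected.getParameterName())).cast(FormFieldPart.class)`, still carries the same kind of null hazard this commit removes for a missing Content-Type. `getFirst` returns null when the multipart body has no part with that name, and Reactor's `map` rejects a null result with a NullPointerException; `cast` likewise raises ClassCastException if the part is not a form field. Both fail closed, but they would likely surface as a server error instead of the filter's normal rejection, so consider `.flatMap((d) -> Mono.justOrEmpty(d.getFirst(expected.getParameterName()))).ofType(FormFieldPart.class)` to treat a missing or wrong-typed part as "no token". The statement and its enclosing method continue outside the hunk, so check this against the rest of the chain. A short comment above the new condition, `// contentType is null when the request has no Content-Type header; isCompatibleWith tolerates a null argument`, would also keep the receiver order from being reverted later.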
@@ -189,6 +189,17 @@ public class CsrfWebFilterTests {
 .expectStatus().is2xxSuccessful();
 }
 
+ @Test
+ public void filterWhenPostAndMultipartFormDataEnabledAndNoBodyProvided() {
+ this.csrfFilter.setCsrfTokenRepository(this.repository);
+ this.csrfFilter.setTokenFromMultipartDataEnabled(true);
+ given(this.repository.loadToken(any())).willReturn(Mono.just(this.token));
+ given(this.repository.generateToken(any())).willReturn(Mono.just(this.token));
+ WebTestClient client = WebTestClient.bindToController(new OkController()).webFilter(this.csrfFilter).build();
+ client.post().uri("/").header(this.token.getHeaderName(), this.token.getToken()).exchange().expectStatus()
+ .is2xxSuccessful();
+ }
+
 @Test
 public void filterWhenFormDataAndEnabledThenGranted() {
 this.csrfFilter.setCsrfTokenRepository(this.repository);
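Review bot: The new test pins only the allowed case (valid token in the header, no Content-Type, no body); nothing here pins that the same request without any token is rejected rather than let through or turned into a 5xx, which is the property that matters for a CSRF filter. A companion test along the lines below would cover it; the stubbing is a sketch and may need adjusting to whatever the denial path actually calls. Separately, the name `filterWhenPostAndMultipartFormDataEnabledAndNoBodyProvided` omits the outcome that the neighbouring `filterWhenFormDataAndEnabledThenGranted` states, so a `...NoBodyProvidedThenGranted` suffix would match.

```java
@Test
public void filterWhenPostAndMultipartFormDataEnabledAndNoBodyAndNoTokenThenForbidden() {
	this.csrfFilter.setCsrfTokenRepository(this.repository);
	this.csrfFilter.setTokenFromMultipartDataEnabled(true);
	given(this.repository.loadToken(any())).willReturn(Mono.just(this.token));
	WebTestClient client = WebTestClient.bindToController(new OkController()).webFilter(this.csrfFilter).build();
	// No Content-Type, no body, no token header or parameter: the filter must reject, not error and not allow.
	client.post().uri("/").exchange().expectStatus().isForbidden();
}
```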