REST clients and Form POSTs
I needed to test for vulnerabilities in a PHP form and realized I didn’t have a convenient method of doing so. I discovered and used RESTClient, an add-on for Firefox, but was struggling when the POST requests didn’t work. I found the article Using RESTClient to test REST APIs, which concisely explained:
Most people get caught out because they forget to set the "Content-Type" header; since HTTP POST requests are generally of the type "application/x-www-form-urlencoded", you need to manually add this. If you fail to add this header, the server-side will not know that FORM data is being POST’ed and drop all of your FORM data.
Later on, I came across a smart StackOverflow self-answer that summarized the Form content types portion of the W3C specs.
The enc-type (or encoding type) should be set to application/x-www-form-urlencoded when using the tool to simulate a standard, non-file form submission. In the body of the submission, the data should look like a GET query string: each key and its value separated by an equals sign (=), and the pairs joined with an ampersand (&). Example body: name=domtancredi&rock=on
The question referenced a REST Java client called WizTools RESTClient, which has application/x-www-form-urlencoded conveniently selectable in the body request tab.
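The header behaviour described above can be reproduced offline. This is an added example, not code from the original post or from either RESTClient project: a constructed local server parses the body as form fields only when the request declares the form content type, and the same body is sent with and without the header. The `/form.php` path, the loopback address and the helper names are assumptions made for the demonstration.

```python
import http.client
import json
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlencode

FORM_TYPE = "application/x-www-form-urlencoded"

class FormHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for a form endpoint: the body is parsed as
    form fields only when the request declares the form content type."""

    def do_POST(self):
        length = int(self.headers.get("Content-Length", 0))
        raw = self.rfile.read(length).decode("utf-8")
        ctype = self.headers.get("Content-Type", "").split(";")[0].strip().lower()
        fields = parse_qs(raw, keep_blank_values=True) if ctype == FORM_TYPE else {}
        reply = json.dumps(fields, sort_keys=True).encode("utf-8")
        self.send_response(200)
        self.send_header("Content-Length", str(len(reply)))
        self.end_headers()
        self.wfile.write(reply)

    def log_message(self, *args):  # silence per-request logging
        pass

def build_body(fields):
    # key=value pairs joined with '&'; reserved characters are percent-encoded
    return urlencode(fields).encode("ascii")

def post(port, body, content_type=None):
    # http.client adds no Content-Type by itself, so None means "header absent"
    headers = {"Content-Type": content_type} if content_type else {}
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    try:
        conn.request("POST", "/form.php", body=body, headers=headers)
        return conn.getresponse().read().decode("utf-8")
    finally:
        conn.close()

def demo():
    server = HTTPServer(("127.0.0.1", 0), FormHandler)  # port 0: any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    body = build_body({"name": "domtancredi", "rock": "on"})
    try:
        port = server.server_address[1]
        return post(port, body, FORM_TYPE), post(port, body)
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    print(demo())
```

The first response lists both fields; the second is an empty object even though the bytes on the wire were identical.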