diff --git a/client/src/controllers/DismissibleController.test.js b/client/src/controllers/DismissibleController.test.js
index 030f3ed681..9953865963 100644
--- a/client/src/controllers/DismissibleController.test.js
+++ b/client/src/controllers/DismissibleController.test.js
@@ -6,9 +6,8 @@ import {
 
 jest.mock('../config/wagtailConfig.ts', () => ({
   WAGTAIL_CONFIG: {
+    ...jest.requireActual('../config/wagtailConfig.ts').WAGTAIL_CONFIG,
     ADMIN_URLS: { DISMISSIBLES: '/admin/dismissibles/' },
-    CSRF_HEADER_NAME: 'X-CSRFToken',
-    CSRF_TOKEN: 'test-token',
   },
 }));
 
@@ -63,7 +62,7 @@ describe('DismissibleController', () => {
       method: 'PATCH',
       headers: {
         'Content-Type': 'application/json',
-        'X-CSRFToken': 'test-token',
+        'x-xsrf-token': 'potato',
       },
       body: JSON.stringify(data),
       mode: 'same-origin',
@@ -84,7 +83,7 @@ describe('updateDismissibles', () => {
       method: 'PATCH',
       headers: {
         'Content-Type': 'application/json',
-        'X-CSRFToken': 'test-token',
+        'x-xsrf-token': 'potato',
       },
       body: JSON.stringify(data),
       mode: 'same-origin',
diff --git a/client/src/controllers/PreviewController.test.js b/client/src/controllers/PreviewController.test.js
index 11a04295f8..43d6a58590 100644
--- a/client/src/controllers/PreviewController.test.js
+++ b/client/src/controllers/PreviewController.test.js
@@ -2,13 +2,6 @@ import { Application } from '@hotwired/stimulus';
 import { ProgressController } from './ProgressController';
 import { PreviewController } from './PreviewController';
 
-jest.mock('../config/wagtailConfig.ts', () => ({
-  WAGTAIL_CONFIG: {
-    CSRF_HEADER_NAME: 'X-CSRFToken',
-    CSRF_TOKEN: 'test-token',
-  },
-}));
-
 jest.useFakeTimers();
 jest.spyOn(global, 'setTimeout');
 
@@ -537,9 +530,7 @@ describe('PreviewController', () => {
       // Should NOT send a request to clear the preview data, as there is no
       // stale data that needs to be cleared
       expect(global.fetch).not.toHaveBeenCalledWith(url, {
-        headers: {
-          'X-CSRFToken': 'test-token',
-        },
+        headers: { 'x-xsrf-token': 'potato' },
         method: 'DELETE',
       });
 
@@ -686,9 +677,7 @@ describe('PreviewController', () => {
 
       // Should send a request to clear the preview data
       expect(global.fetch).toHaveBeenCalledWith(url, {
-        headers: {
-          'X-CSRFToken': 'test-token',
-        },
+        headers: { 'x-xsrf-token': 'potato' },
         method: 'DELETE',
       });
       // Should not try to reload the iframe yet