diff --git a/src/aphront/AphrontRequest.php b/src/aphront/AphrontRequest.php
index 2561e397b6..4337577c3e 100644
--- a/src/aphront/AphrontRequest.php
+++ b/src/aphront/AphrontRequest.php
@@ -705,7 +705,7 @@ final class AphrontRequest extends Phobject {
   }
 
   public function isPreviewRequest() {
-    return $this->isFormPost() && $this->getStr('__preview__');
+    return $this->getStr('__preview__');
   }
 
   /**
diff --git a/src/applications/transactions/editengine/PhabricatorEditEngine.php b/src/applications/transactions/editengine/PhabricatorEditEngine.php
index a696fb6cf7..2021da3615 100644
--- a/src/applications/transactions/editengine/PhabricatorEditEngine.php
+++ b/src/applications/transactions/editengine/PhabricatorEditEngine.php
@@ -1892,10 +1892,11 @@ abstract class PhabricatorEditEngine
 
     $controller = $this->getController();
     $request = $controller->getRequest();
+    $is_preview = $request->isPreviewRequest();
 
     // NOTE: We handle hisec inside the transaction editor with "Sign With MFA"
     // comment actions.
-    if (!$request->isFormOrHisecPost()) {
+    if (!$request->isFormOrHisecPost() && !$is_preview) {
       return new Aphront400Response();
     }
 
@@ -1911,7 +1912,6 @@ abstract class PhabricatorEditEngine
 
     $fields = $this->buildEditFields($object);
 
-    $is_preview = $request->isPreviewRequest();
     $view_uri = $this->getEffectiveObjectViewURI($object);
 
     $template = $object->getApplicationTransactionTemplate();