Burp Suite User Forum

Login to post

Add option to leave original request in place when Repeater follows redirect

Chris | Last updated: Sep 01, 2021 03:58AM UTC

When repeater follows a redirect it would be nice to be able to keep the request panel containing the original request. Having it change to the second request (the redirect) can be annoying when testing for success/failure conditions manually (e.g. login pages) where sending a new request to the second page is of no use in the testing scenario. For a bit more clarity as to why it would be useful feature: Sending a request to /login.php. If I use correct credentials I get a redirect to /admin_panel.php. If I use incorrect credentials I get a redirect to /failure.php and if I cause and error I get a redirect to /error500.html Repeater's current behaviour means each time I have to back up one request in the history to make a change to the original request to /login.php. None of /failure.php, /admin_panel.php or /error500.html will process the parameters I pass, so it is of no use for my current test and in many situations changing the new paramters/cookies/headers in the second request are not useful or are a later test case.

Uthman, PortSwigger Agent | Last updated: Sep 01, 2021 01:24PM UTC

Hi Chris, Thanks for this request. To clarify, are you seeing the request automatically update to the redirected request in the UI in the Repeater? Can you please share a screen recording of this behavior with support@portswigger.net along with diagnostics (Help > Diagnostics)? I can replicate the behavior you are seeing but only when Repeater > Follow redirections is set to 'Never'. Can you try setting this to 'Always'? It should prevent the request from automatically changing to the redirect.

You need to Log in to post a reply. Or register here, for free.