Burp Suite User Forum

Create new post

Are the clickjacking labs no longer working?

Kim | Last updated: Mar 31, 2024 03:52AM UTC

Have been working on the clickjacking labs however it looks like cookies are not being passed to the iframe - when framing the site the my-account page is being redirected to the login page. I did these labs a couple of months ago & was able to complete them - has something changed recently? Tried in both Firefox + Chrome.

Kim | Last updated: Mar 31, 2024 04:53AM UTC

I had to enable third party cookies in firefox & chrome settings- not sure why I didn't have to do that before.

Kim | Last updated: Mar 31, 2024 04:58AM UTC

https://developer.mozilla.org/en-US/blog/goodbye-third-party-cookies/ <- the labs + exam should be updated/or mention that 3rd party cookies need to be enabled.

Ben, PortSwigger Agent | Last updated: Apr 01, 2024 06:16AM UTC

Hi Kim, The embedded browser within the latest versions of Burp has a flag enabled by default that is causing issues with these labs. In ther interim, whilst we resolve this issue, you should still be able to use a normal version of Chrome to complete the labs, however (the flag is not enabled in Chrome). To clarify, does this also not work for you?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.