Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Bodyless response delayed ~10sec before forwarding the header

dog | Last updated: Jul 12, 2018 10:36AM UTC

Whilst conducting some testing I noticed that for a bodyless response like a 302 (that as per spec does not have a content-length/chunked header) the proxy waits ~10sec before forwarding the header, and when it is forwarded Burp has also added a content-length header with a zero value.

PortSwigger Agent | Last updated: Jul 12, 2018 10:37AM UTC

Hi Martin, Thanks for getting in touch. Does the request have "Transfer-encoding: chunked" ? If not, I believe that's an invalid POST request and Burp is falling back to waiting 10s for a body. If it does have chunked encoding, would you be able to share the precise request? You can email support@portswigger.net to avoid posting it publicly.

Burp User | Last updated: Jul 12, 2018 12:31PM UTC

Actually I've had a good look at this and it's not the response but the request: a bodyless request (like a POST) that does not include a content-length header with a zero value is delayed for ~10sec ...

Burp User | Last updated: Jul 13, 2018 06:53AM UTC

No, the request doesn't have a chunked header either. After having a google, this looks like one of those RFC grey areas where the implementation seems to be vary and the forums are full of theological debate. A quick look through a few common web servers show that they happily accept a bodyless POST with neither a content-length or transfer-encoding header. Happy to close.

PortSwigger Agent | Last updated: Jul 13, 2018 09:14AM UTC