Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Burp Suite Enterprise is not accepting URL's with Query parameters in the In-scope URL Prefixes.

Vijay | Last updated: Apr 30, 2024 06:59AM UTC

In FE Fundinfo, we utilize both the Professional and Enterprise editions. However, we are currently experiencing challenges in the Enterprise edition regarding the inclusion of URLs with query parameters for scanning. Could you provide guidance on resolving this matter? Sample URLs: https://qa-portal.fefundinfo.com/app/li_dashboard_ui/status/regulatory/all?regDataType=EPT&version=V21UK https://qa-portal.fefundinfo.com/app/li_dashboard_ui/status/regulatory/21af46e6-29ea-4bc3-9fad-68e205cb0127/details?groupBy=FileName&regDataType=DDO&version=2 https://qa-portal.fefundinfo.com/app/li_dashboard_ui/status/regulatory/7f888ffd-6f67-4542-94fd-5bfdd9029f9e/details?groupBy=FileName&regDataType=EET&version=V1.1.1

Dominyque, PortSwigger Agent | Last updated: Apr 30, 2024 08:28AM UTC

Hi Vijay Could you please expand on your requirements for us? Are you looking to define these as Start URLs or simply include them in-scope for scanning? Additionally, if we knock back the URL to the forward slash before the query parameters, is there any content under this path that you would not like to be scanned?

Vijay | Last updated: Apr 30, 2024 10:08AM UTC

Hi, We simply want to include URL with query parameters in in-scope for scanning, but we are encountering an issue where "query parameter are not permitted for included URLS". How can we address this and enable scanning with query parameters included? In other words, I want to add this below URL to detailed scope configuration. However, we are encountering an error when attempt to add it as an in-scope prefix. https://qa-portal.fefundinfo.com/app/li_dashboard_ui/status/regulatory/21af46e6-29ea-4bc3-9fad-68e205cb0127/details?groupBy=FileName&regDataType=DDO&version=2

Dominyque, PortSwigger Agent | Last updated: Apr 30, 2024 10:49AM UTC

Hi Vijay, Thank you for expanding on your use case. Query parameters are not supported in the in-scope prefixes list. However, it is unclear why you require query parameters in the in-scope URLs. Could you please let me know if we knock back the URL to the forward slash before the query parameters, is there any content under this path that you would not like to be scanned? If there is not, we would suggest taking off the query parameter, as this parameter would be in-scope when the scanner encounters it.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.