Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Display Bug after a weird HTTP Response

Anony | Last updated: Feb 22, 2016 04:02PM UTC

While testing an application, I got the following HTTP Response: HTTP/1.1 200 OK Date: Mon, 22 Feb 2016 15:52:27 GMT Expires: Mon, 22 Feb 2016 15:52:27 GMT Cache-Control: no-cache, private, no-store Content-Type: text/javascript; charset=utf-8 Pragma: no-cache Date: Mon, 22 Feb 2016 15:52:27 GMT X-Lift-Version: xxxx X-Frame-Options: SAMEORIGIN Content-Length: 1 Connection: close HTTP/1.1 200 OK Date: Mon, 22 Feb 2016 15:52:09 GMT Expires: Mon, 22 Feb 2016 15:52:27 GMT Cache-Control: no-cache, private, no-store Content-Type: text/javascript; charset=utf-8 Pragma: no-cache Date: Mon, 22 Feb 2016 15:52:27 GMT X-Lift-Version: xxx X-Frame-Options: SAMEORIGIN Content-Length: 894 Connection: close sensitive_data_here_removed. It 894 bytes of data. ------ Notice how it looks like the server send TWO responses in one response. Their javascript was able to act on this, and perform an action. So they are expecting the weird output. But the thing is, in the BURP GUI, you do no see the 2nd response at all. I didn't even know it was there. I found run 'strings' on my burp temp file to find the full response. Anyway to make the BURP GUI show the entire (and totally invalid) HTTP response? Maybe make the code display the RAW response, not just the first valid response.

PortSwigger Agent | Last updated: Feb 23, 2016 09:44AM UTC

We've tried to reproduce this problem (with Repeater as the client) and we're not seeing any problem. Burp appears to display the full response correctly. Which Burp tool were you using when you see the problem with the full response not being displayed? Were there any other repro steps other than a response with two sets of headers?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.