Burp Suite User Forum

Login to post

HTTP Smuggling - HTML Report Export Bug

Ryan | Last updated: Nov 20, 2020 03:43PM UTC

When exporting a smuggling issue to html report, if the smuggling attack relies on a 'space' character immediately preceding the Transfer-Encoding header, the space character is not rendered in the report. This makes it impossible to reproduce the attack using only the information provided in the report. Burpsuite Pro 2020.11.1 A couple screenshots to illustrate: https://imgur.com/a/elhD9ks

Liam, PortSwigger Agent | Last updated: Nov 24, 2020 10:08AM UTC

Thanks for this report. We'll get it fixed.

You need to Log in to post a reply. Or register here, for free.