Hi
Could you drop us an email at support@portswigger.net with your code so we can take a look at it, please?
We've just tested adding an issue directly using the referenced method, but have not had any issues in either a temporary project file or a disk-based project file.
package burp;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.List;
public class BurpExtender implements IBurpExtender
{
private IBurpExtenderCallbacks callbacks;
@Override
public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks) {
this.callbacks = callbacks;
callbacks.setExtensionName("Extender API scan checks");
IHttpService service = new IHttpService()
{
@Override
public String getHost()
{
return "portswigger-labs.net";
}
@Override
public int getPort()
{
return 443;
}
@Override
public String getProtocol()
{
return "https";
}
};
IHttpRequestResponse requestResponse = callbacks.makeHttpRequest(service, "GET / HTTP/1.1\r\nHost: portswigger-labs.net\r\n\r\n".getBytes(StandardCharsets.UTF_8));
int[] markers = {5, 30};
callbacks.addScanIssue(new CustomScanIssue(requestResponse, callbacks.applyMarkers(requestResponse, List.of(markers), List.of(markers))));
}
private class CustomScanIssue implements IScanIssue
{
private final IHttpRequestResponse baseRequestResponse;
private final IHttpRequestResponseWithMarkers marked;
public CustomScanIssue(IHttpRequestResponse baseRequestResponse, IHttpRequestResponseWithMarkers marked)
{
this.baseRequestResponse = baseRequestResponse;
this.marked = marked;
}
@Override
public URL getUrl() {
return callbacks.getHelpers().analyzeRequest(baseRequestResponse).getUrl();
}
@Override
public String getIssueName() {
return "wiener issue";
}
@Override
public int getIssueType() {
return 0;
}
@Override
public String getSeverity() {
return "High";
}
@Override
public String getConfidence() {
return "Certain";
}
@Override
public String getIssueBackground() {
return "test";
}
@Override
public String getRemediationBackground() {
return "test";
}
@Override
public String getIssueDetail() {
return "test";
}
@Override
public String getRemediationDetail() {
return "test";
}
@Override
public IHttpRequestResponse[] getHttpMessages() {
return new IHttpRequestResponse[]{marked};
}
@Override
public IHttpService getHttpService() {
return baseRequestResponse.getHttpService();
}
}
}