Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Issues with Upstream Proxy and Chinese Character Display in Burp Suite, and Feature Requests

stuxn3t | Last updated: May 20, 2024 06:31PM UTC

Dear Burp Suite Support Team, I am writing to report several issues I have encountered while using Burp Suite and to suggest a few feature enhancements. **Issue 1: Inaccessibility of Certain Sites with Upstream Proxy Enabled** When I enable the upstream proxy in Burp Suite, I am unable to access certain websites, such as: - https://moodle.zwu.edu.cn Additionally, requests intended for `http://127.0.0.1` are unexpectedly being sent to the upstream server. This behavior is not as expected and disrupts my workflow. **Issue 2: Chromium Browser in Burp Suite Incompatibility** I am experiencing difficulties when using the Chromium browser within Burp Suite to access certain sites, for example, sites protected by Cloudflare like: - https://chatgpt.com However, when I use my system browser configured to use Burp's proxy (`127.0.0.1:8080`), everything works normally. I suspect this may be related to TLS fingerprinting issues, but it is perplexing that my system browser works correctly while Burp's integrated Chromium browser does not. **Bug: Chinese Characters Garbled in Intruder Grep-Extract Results** When using the Intruder tool, the grep-extract results display Chinese characters as garbled text. This issue significantly impacts the readability and usability of the results for users who rely on Chinese characters. **Feature Request 1: Fallback Font Support** I would like to request the addition of fallback font support in Burp Suite. I prefer using the CodeNewRoman font, but Burp Suite currently does not display Chinese characters when this font is selected. Having the ability to specify a fallback font that supports CJK (Chinese, Japanese, and Korean) characters would greatly enhance the user experience for users like myself who work with multiple languages. **Feature Request 2: Rendering Unicode Encodings** I would also like to request a feature to render Unicode encodings (e.g., `\uxxxxx`) in response results. This would improve the readability and analysis of responses containing Unicode characters. **Feature Request 3: Local Access Restriction for Burp Suite URL** Some websites use JavaScript to check if `http://burpsuite` is accessible, which can trigger honeypots if detected. It would be beneficial to have an option to restrict access to this URL to the local machine only, preventing external detection and potential honeypot activation. Thank you for considering my feedback. I appreciate the ongoing development and support for Burp Suite and hope that these issues can be addressed in future updates. Sincerely, NEX

Michelle, PortSwigger Agent | Last updated: May 21, 2024 11:02AM UTC