Products Solutions Research Academy Daily Swig

Burp Suite User Forum

Login to post

Meaning of the 'Edited' column in 'Proxy / HTTP history'

Nicolas | Last updated: Jan 16, 2020 10:55AM UTC

Hello, from my experience as a trainer, the meaning of the 'Edited' column in 'Proxy / HTTP history' is quite often misunderstood. In fact, students' expectations are coherent, they just don't match the design choices made by Portswigger. There are two builtin ways to edit the traffic going through the Proxy 1) manual modification when messages are intercepted 2) Match & Replace rules. In both scenarios, the modified entries appear in the history (resp. under names 'Edited request' and 'Auto-modified request'). However, the 'Edited' chekbox is checked only in the first case (manual modification of intercepted messages). A lot of people expect to have the column checked in both situations. The documentation states 'Flag whether the request or response were modified by the user', which is ambiguous https://portswigger.net/burp/documentation/desktop/tools/proxy/history My proposal: - check the column in both situations - rename the column to 'Modified' (optional) Thanks in advance, Nicolas

Hannah, PortSwigger Agent | Last updated: Jan 16, 2020 12:09PM UTC

Hi Nicolas I've put this in as a feature request to be further reviewed by the development team. We have a large backlog of requests at the moment, so we are unable to provide an ETA.

You need to Log in to post a reply. Or register here, for free.