Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Prevent 304's from replacing valid responses in Site map

Peter | Last updated: Apr 10, 2022 11:31AM UTC

Hello, I often use site map after an initial recon sweep to collect and extract data such as Javascript or page content from a site for out-of-Burp analysis. One really annoying "feature" of Site Map is that it will often store and/or replace existing 200 OK requests (with content) with 304 Not Modified requests, which obviously do not have associated content. Is it possible to prevent Site Map from storing a 304 request? Thanks, Peter

Liam, PortSwigger Agent | Last updated: Apr 11, 2022 12:51PM UTC

Hi Peter, have you tried using the filter bar? - https://portswigger.net/burp/documentation/desktop/tools/target/site-map#site-map-display-filter

Peter | Last updated: Apr 21, 2022 08:28PM UTC

Hi Liam, Yes, but that's not exactly solving my problem. The problem is that site map stores the content of the most recent response even if it's empty content. Here's what happens: - I request site.com/js/a.js for the first time - server returns a 200 and content of the JS file and this will show up in site map - I request the same file a 2nd time and the server returns a 304 "not modified" with empty content - this response is stored in site map and overwrites the first response There is no benefit to overwriting valid responses in site map with 304 and an empty body, I have no way to get the old content back without forcibly re-requesting it. I would appreciate it if site map could be modified to not overwrite non-empty content with empty content (i.e. a 30x HTTP response should never overwrite a non-30x HTTP response). Sorry for the late reply, for some reason I didn't get notified that you had replied! Thanks, ~~ Peter

Liam, PortSwigger Agent | Last updated: Apr 22, 2022 10:27AM UTC

Hi Peter. Unfortunately, we don't have a short-term solution for your workflow. We do have long-term plans to redesign our site map. I've had a discussion with the product team and they think that this will resolve your current issue. Sorry, we don't have anything to help you work around your current issue.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.