Burp Suite User Forum

Login to post

Prompt before loading large responses

Tim | Last updated: Sep 23, 2020 03:45PM UTC

I frequently see large javascript responses exceeding 3MB. When I click on one of these, my instance of Burp freezes for around 20 seconds. Sometimes this click is accidental, or sometimes I simply don't notice the size of the response before clicking. I'm guessing this freezing is due to loading the long response into the Burp GUI. It would be great if the response pane had a size threshold, beyond which the UI would prompt prior to actually loading the content. (I.e. something like "Response not loaded due to large size. Click [here] to load it anyway"). Note that I am aware that I can hide javascript files entirely via the filter dialog. However this is not desirable, because I DO want to see the smaller javascript files (and would like to see the rows representing the larger files as well, even if I don't want to load their content immediately).

Uthman, PortSwigger Agent | Last updated: Sep 23, 2020 04:09PM UTC

Hi Tim, Thanks a lot for the feature request but this sounds like a bug. Can you please email us on support@portswigger.net with the below? - Diagnostics (Help > Diagnostics) - If possible, the JS response - Any relevant screenshots or other information you think may be helpful

Tim | Last updated: Sep 23, 2020 08:14PM UTC

I'll surely send what I can to help, but honestly this has always been the case for me (across multiple Burp installs on multiple computers) - selecting large responses (typically anything > 1 MB) in the proxy history table freezes the UI for a while (while it loads the large payload into the details). Same for Repeater tab.

Tim | Last updated: Sep 23, 2020 08:14PM UTC

(would be happy for other users to chime in here too, if they've experienced the same)

Jens | Last updated: Oct 05, 2020 09:45AM UTC

I am experiencing the same and it's frankly quite annoying for the user experience. One accidental click and your Burp freezes for a few minutes without any possibility to abort.

Uthman, PortSwigger Agent | Last updated: Oct 05, 2020 09:59AM UTC

Hi Jens, Can you please email us with the same information requested above?

floyd | Last updated: Oct 26, 2020 12:50PM UTC

Uthman, this is not a bug, this is a feature request. Everyone's Burp freezes when you click on a response with JavaScript that is for example 3MB large in the Proxy tab, because it needs to load it into the UI. We would like Burp to behave differently: When it sees that the response is very large, only display the HTTP headers and a button that says "do you want to show the large response?". Btw. the same would be helpful for large requests (happens less often, but I've seen Java fat clients sending a huge amount of data). The current behavior is problematic when you "look through" responses (e.g. with the arrow buttons on your keyboard) and you hit one of the large responses, you will need to wait for Burp to finish loading for 30 seconds.

Michelle, PortSwigger Agent | Last updated: Oct 27, 2020 01:45PM UTC

Thanks for the feedback. This has been raised as a feature request, I've added your comments to it as well and we'll post back here when there's an update.

You need to Log in to post a reply. Or register here, for free.