Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

RST_STREAM HTTP1.1 error

Gary | Last updated: Nov 22, 2021 12:32PM UTC

Hi, I'm trying to browser a web app via the inbuilt burp browser and also Chrome (pointing at Burp as the local proxy) but am getting the below error: RST_STREAM received with error code: 0xd (Use HTTP/1.1 for the request) I've tried disabling HTTP2 in the proxy listener option and also in the project options but I'm still getting the error. Could you give me an ideas re how to prevent the error? If I browse the app directly without proxying via Burp then everything loads correctly. Thanks

Michelle, PortSwigger Agent | Last updated: Nov 22, 2021 02:58PM UTC

Thanks for your message. Are you seeing this just with specific sites? If so and the site is publicly accessible would you be happy to email support@portswigger.net with details of the site in question? Can you also let us know which version of Burp you are using and which OS it is installed on, please?

Andries | Last updated: Nov 23, 2021 08:57AM UTC

Same error here. - site is no publicly accessible. - site uses HTTP/2 - site uses NTLMv2 authentication No issues if the site is accessed without a proxy. When the site is used with OWASP ZAP, it loads also successfully with only HTTP/1.1 requests.

Michelle, PortSwigger Agent | Last updated: Nov 23, 2021 09:43AM UTC

Thanks for your message. From your description, it's possible that the site you are testing is telling Burp that it supports HTTP/2 and so Burp is using HTTP/2. The NTLMv2 authentication though requires an HTTP/1.1 connection. If you configure Burp so HTTP/2 is disabled, this should help. If you're trying to use Burp's embedded browser or proxy an external browser via Burp, you can disable HTTP/2 under Proxy -> Options -> Proxy Listener -> Edit -> HTTP -> Disable Support HTTP/2 If you're trying to send requests using the Repeater tool and are seeing this error you can disable HTTP/2 under Project Options -> HTTP/2 -> Default to HTTP/2 if the server support it. Please let me know if you've got any questions.

Andries | Last updated: Nov 23, 2021 11:53AM UTC

OK, I got it working... Go to Project Options > http tab > deselect "Default to HTTP/2 if server supports it.

Andries | Last updated: Nov 23, 2021 11:54AM UTC

Thanks for you help.

Andrew | Last updated: May 16, 2022 10:29PM UTC

Not sure if its related to the problem everyone else is having but for me this is caused by some types special characters ( at least {[(" ) used in HTTP headers (this is something that Param Miner does in a header guessing attack) e.g's Slotnam(ertzoyw: zwrtxqval52pwe8xp6 Slotnam[ertzoyw: zwrtxqval52pwe8xp6 Slotnam}rtzoyw: zwrtxqval52pwe8xp6 Slotnam"rtzoyw: zwrtxqval52pwe8xp6 etc Not sure if this is a server side issue or not.

Andrew | Last updated: May 16, 2022 10:42PM UTC

When using HTTP 1.1 these result in a 400 bad request message so i guess in my case the error 'RST_STREAM received with error code: 0x1 (Protocol error detected)' just means the server sent the equivalent of a 400 response code in HTTP/2 so burp displays this message.

Tom | Last updated: May 25, 2022 06:33PM UTC

I'm having the same problem. Site uses HTTP2 and NTLM. I tried both disabling HTTP2 in both the Project Options and Proxy and that does not work. I look at the Response when trying to browse to the site where it prompts me to login. Before I even enter credentials, I am getting 401 - Unauthorized: Access is denied due to invalid credentials.</h2> <h3>You do not have permission to view this directory or page using the credentials that you supplied. I know my creds are valid and I can access the site just fine if I don't have it proxied.

Michelle, PortSwigger Agent | Last updated: May 26, 2022 07:52AM UTC

Thanks for your message. Can you email some screenshots of your setup and the details you have configured under User Options -> Connections -> Platform Authentication to support@portswigger.net so we can take a closer look, please?

Jason | Last updated: Aug 11, 2022 03:59AM UTC

Hi, same problem here even disabled HTTP/2 Error message: RST_STREAM received with error code: 0xd (Use HTTP/1.1 for the request) it's NTLM authentication and fine with browser but not via burp proxy please advise

Michelle, PortSwigger Agent | Last updated: Aug 11, 2022 08:10AM UTC

When you disabled HTTP/2 for using Burp Proxy, did you change that setting under Proxy -> Options -> Proxy Listeners -> Edit -> HTTP -> Support HTTP/2? If you send the request to Burp Repeater and test sending it via HTTP/1 (by changing the Request attributes in the Inspector), what response do you get? Do you have any extensions installed? Can you send us some screenshots of your setup and the tests to support@portswigger.net, please?

Abinash | Last updated: Aug 25, 2022 05:33PM UTC

Hello, i was solving a lab in HTTP/2 request tunnelling, but when i added a CRLF character in inspector tab under request header block and after applying the change when i sent the request i got ```RST_STREAM received with error code: 0x1 (protocol error detected)``` error.I have checked 'Allow HTTP/2 ALPN override' and in project option -> http block i have HTTP/2 option checked. Please help.

Michelle, PortSwigger Agent | Last updated: Aug 26, 2022 07:59AM UTC

Thanks for getting in touch. Which one of the labs were you working on at the time?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.