Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Server sends 403 if I use Burp Suite.

savior1337 | Last updated: Apr 11, 2023 07:12AM UTC

While logging fetch requests on https://hilton.com I noticed some requests were getting blocked if I used burp suite proxy, but the same wasn't the case without burp proxy in b/w. I cannot find the cause for it. Can someone help?

savior1337 | Last updated: Apr 11, 2023 07:49AM UTC

Here's a video which shows the problem. https://file.io/KWXXXMFyIFvO

savior1337 | Last updated: Apr 11, 2023 08:33AM UTC

The above linked is invalid. Please try this one (https://drive.google.com/file/d/1PCFy-xcrgZG26cHg2oUDzO3uE_Dhgw4-/view).

Michelle, PortSwigger Agent | Last updated: Apr 11, 2023 02:10PM UTC

Thanks for getting in touch. Is it always the same requests that are affected? What impact does this have on the display of the page? If you compare the requests when they are being sent via Burp and directly to the target application, are there differences in the requests, e.g. do they contain authorization headers where appropriate? If you prefer to share details regarding this issue to us directly, feel free to email us via support@portswigger.net.

savior1337 | Last updated: Apr 11, 2023 03:54PM UTC

Yes it's always the same request that is being affected. It doesn't allow the page to function properly. No there weren't any additional headers. Both requests were from scratch made by the browsers itself. I also would like to add that, if I open the same site i.e. https://hilton.com on BurpSuite windows version then the browser will stop responding and I have to close it. It's the case everytime.

Michelle, PortSwigger Agent | Last updated: Apr 12, 2023 03:06PM UTC