Burp Suite User Forum

Server sends 403 if I use Burp Suite.

savior1337 | Last updated: Apr 11, 2023 07:12AM UTC

While logging fetch requests on https://hilton.com, I noticed some requests were getting blocked if I used the Burp Suite proxy, but the same wasn't the case without the Burp proxy in between. I cannot find the cause for it. Can someone help?

savior1337 | Last updated: Apr 11, 2023 07:49AM UTC

Here's a video which shows the problem. https://file.io/KWXXXMFyIFvO

savior1337 | Last updated: Apr 11, 2023 08:33AM UTC

The above link is invalid. Please try this one (https://drive.google.com/file/d/1PCFy-xcrgZG26cHg2oUDzO3uE_Dhgw4-/view).

Michelle, PortSwigger Agent | Last updated: Apr 11, 2023 02:10PM UTC

Thanks for getting in touch. Is it always the same requests that are affected? What impact does this have on the display of the page? If you compare the requests when they are being sent via Burp and directly to the target application, are there differences in the requests, e.g. do they contain authorization headers where appropriate? If you prefer to share details regarding this issue with us directly, feel free to email us via support@portswigger.net.

savior1337 | Last updated: Apr 11, 2023 03:54PM UTC

Yes, it's always the same request that is being affected. It doesn't allow the page to function properly. No, there weren't any additional headers. Both requests were made from scratch by the browser itself. I would also like to add that if I open the same site, i.e. https://hilton.com, on the Burp Suite Windows version, then the browser will stop responding and I have to close it. It's the case every time.

Michelle, PortSwigger Agent | Last updated: Apr 12, 2023 03:06PM UTC

Hi. Which part of the page fails to function as a result of this? Can you describe the behavior? When you have issues accessing the site on Windows, are there any errors in the event log on Burp's Dashboard? Can you email a copy of the output from Help > Diagnostics from this machine?