Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Unable to handle malformed content-type in response header

Chenglong | Last updated: Feb 18, 2022 08:21AM UTC

When the server sends back a response containing a malformed content-type, burpsuite will not be able to correctly handle it. For repeater, it will simply show blank. For browser which proxies its traffic to the burpsuite, sometimes it will show "An unknown error occured." For example, a php file with the following content: <?php header('Content-Type: text/html; charset=utf-8,text/html; charset=utf-8'); header('Location: https://google.com'); echo "asdfasdfasdf"; when using repeater to send a GET request, burpsuite can correctly identify it as a 302 response and show a button to follow the redirection, however, the response pane on the right just show blank.

Chenglong | Last updated: Feb 18, 2022 08:23AM UTC

reproducible in the latest stable burpsuite pro version. v2022.1.1

Liam, PortSwigger Agent | Last updated: Feb 18, 2022 01:00PM UTC

Thanks for your message. Do you have steps to reproduce this on a public-facing application?

Chenglong | Last updated: Feb 18, 2022 04:35PM UTC

Hi, you can check this: https://fierce-sierra-57469.herokuapp.com/test.php. it's source code is simply: ``` <?php header('Content-Type: text/html; charset=utf-8,text/html; charset=utf-8'); //echo "asdfasdfasdf"; highlight_file(__FILE__); ``` if you use your browser to browse this website, enabling the traffic to be proxied through burpsuite, you will get "An unknown error occured" error message from burpsuite, if you try to sent a GET request using burpsuite repeater, the response pane on the right will just be blank.

Liam, PortSwigger Agent | Last updated: Feb 22, 2022 11:32AM UTC

Thanks! We've added a ticket to our development backlog to get this fixed. We'll update this thread when the work is complete.

Chenglong | Last updated: Apr 11, 2022 11:18AM UTC

This seems to be fixed in the latest Early Adopter version of Burp Suite Pro?

Liam, PortSwigger Agent | Last updated: Apr 11, 2022 12:45PM UTC