Getting Started with Burp Suite
Burp Suite Documentation
Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.
Burp Suite Professional and Community editions | Burp Suite Enterprise Edition |
Burp Scanner | Burp Collaborator |
Burp Infiltrator | Full Documentation Contents |
Burp Extender
Burp Extender lets you extend the functionality of Burp Suite in numerous ways.
Extensions can be written in Java, Python or Ruby.
API documentation | Writing your first Burp Suite extension |
Sample extensions | View community discussions about Extensibility |
Content-Disposition: attachment downloads do not render
Hi,
image file (jpegs) downloaded with the response header Content-Disposition: attachment does not have a render tab in the new version of Burp. This means that you cannot see the images within Burp.
An example response that goes unrendered would be
HTTP/1.1 200 OK
Date: Mon, 22 Jul 2019 17:26:08 GMT
Server: Apache/2.4.39 (Unix)
X-Powered-By: PHP/7.2.19
Expires: 0
Cache-Control: must-revalidate
Pragma: public
Content-Description: File Transfer
Content-Disposition: attachment; filename="hover.jpg"
Content-Length: 15274
Connection: close
Content-Type: image/jpeg
Removing the Content-Disposition: attachment; response, or chaining it to inline causes the render tab to show again.
Could you have a look?
Regards
Reino, the example response you have given would result in the browser downloading and saving an attachment.
“In a regular HTTP response, the Content-Disposition response header is a header indicating if the content is expected to be displayed inline in the browser, that is, as a Web page or as part of a Web page, or as an attachment, that is downloaded and saved locally.”
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition
This has been disabled for security reasons.