Content-Disposition: attachment downloads do not render
image file (jpegs) downloaded with the response header Content-Disposition: attachment does not have a render tab in the new version of Burp. This means that you cannot see the images within Burp.
An example response that goes unrendered would be
HTTP/1.1 200 OK
Date: Mon, 22 Jul 2019 17:26:08 GMT
Server: Apache/2.4.39 (Unix)
Content-Description: File Transfer
Content-Disposition: attachment; filename="hover.jpg"
Removing the Content-Disposition: attachment; response, or chaining it to inline causes the render tab to show again.
Could you have a look?
Reino, the example response you have given would result in the browser downloading and saving an attachment.
“In a regular HTTP response, the Content-Disposition response header is a header indicating if the content is expected to be displayed inline in the browser, that is, as a Web page or as part of a Web page, or as an attachment, that is downloaded and saved locally.”
This has been disabled for security reasons.