
Display Bug after a weird HTTP Response

Anony Mouse Feb 22, 2016 04:02PM UTC

While testing an application, I got the following HTTP Response:


HTTP/1.1 200 OK
Date: Mon, 22 Feb 2016 15:52:27 GMT
Expires: Mon, 22 Feb 2016 15:52:27 GMT
Cache-Control: no-cache, private, no-store
Content-Type: text/javascript; charset=utf-8
Pragma: no-cache
Date: Mon, 22 Feb 2016 15:52:27 GMT
X-Lift-Version: xxxx
X-Frame-Options: SAMEORIGIN
Content-Length: 1
Connection: close
HTTP/1.1 200 OK
Date: Mon, 22 Feb 2016 15:52:09 GMT
Expires: Mon, 22 Feb 2016 15:52:27 GMT
Cache-Control: no-cache, private, no-store
Content-Type: text/javascript; charset=utf-8
Pragma: no-cache
Date: Mon, 22 Feb 2016 15:52:27 GMT
X-Lift-Version: xxx
X-Frame-Options: SAMEORIGIN
Content-Length: 894
Connection: close

sensitive_data_here_removed. It is 894 bytes of data.

------

Notice how it looks like the server sent TWO responses in one response. Their JavaScript was able to act on this, and perform an action. So they are expecting the weird output. But the thing is, in the BURP GUI, you do not see the 2nd response at all. I didn't even know it was there. I ran 'strings' on my burp temp file to find the full response. Any way to make the BURP GUI show the entire (and totally invalid) HTTP response? Maybe make the code display the RAW response, not just the first valid response.




Dafydd Stuttard Feb 23, 2016 10:40AM UTC Support Center agent

We’ve tried to reproduce this problem (with Repeater as the client) and we’re not seeing any problem. Burp appears to display the full response correctly. Which Burp tool were you using when you see the problem with the full response not being displayed? Were there any other repro steps other than a response with two sets of headers?
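
An added example, not part of the original thread and not Burp's code: a Python check that walks raw captured bytes (such as those recovered from a temp file) and uses each Content-Length to find a second response stacked behind the first. The function name and the sample bytes are constructed for illustration; the blank line and one-byte body that end the first response are assumptions about the framing.

```python
import re

STATUS_LINE = re.compile(rb"HTTP/1\.[01] \d{3}")

def split_stacked_responses(raw: bytes):
    """Return ([(status_line, headers, body), ...], leftover_bytes).

    Each response is delimited by its own Content-Length, so anything a
    viewer hides after the first declared body shows up as a further entry."""
    responses, pos = [], 0
    while pos < len(raw) and STATUS_LINE.match(raw, pos):
        head_end = raw.find(b"\r\n\r\n", pos)
        if head_end == -1:
            break  # truncated header block: report it as leftover bytes
        lines = raw[pos:head_end].split(b"\r\n")
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(b":")
            headers[name.strip().lower().decode("latin-1")] = value.strip().decode("latin-1")
        body_start = head_end + 4
        length = headers.get("content-length", "")
        # No usable Content-Length: with "Connection: close" the body runs to end of stream.
        body_end = body_start + int(length) if length.isdigit() else len(raw)
        body_end = min(body_end, len(raw))
        responses.append((lines[0].decode("latin-1"), headers, raw[body_start:body_end]))
        pos = body_end
    return responses, raw[pos:]

# Constructed sample shaped like the capture in the post (body is a placeholder).
SAMPLE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/javascript; charset=utf-8\r\n"
    b"Content-Length: 1\r\n"
    b"Connection: close\r\n\r\n"
    b" "
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/javascript; charset=utf-8\r\n"
    b"Content-Length: 11\r\n"
    b"Connection: close\r\n\r\n"
    b"placeholder"
)

if __name__ == "__main__":
    found, leftover = split_stacked_responses(SAMPLE)
    for i, (status, headers, body) in enumerate(found, 1):
        print(f"response {i}: {status!r}, Content-Length={headers.get('content-length')}, body={len(body)} bytes")
    if len(found) > 1 or leftover:
        print(f"data beyond the first response: {len(found) - 1} extra response(s), {len(leftover)} stray byte(s)")
```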

