Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

How do I configure BURP to ignore method OPTIONS on scope?

Cristiano | Last updated: Mar 16, 2018 03:01PM UTC

Hello there, How do I configure BURP to ignore method OPTIONS on scope? This is very annoying. Tks!

PortSwigger Agent | Last updated: Mar 16, 2018 03:20PM UTC

Hi Cristiano, The scope doesn't let you filter by HTTP method, but there is an extension which helps unclutter your proxy history here: - https://github.com/pajswigger/filter-options

Burp User | Last updated: Apr 18, 2018 03:08PM UTC

Okay, but this does not help me. My real problem is the Active Scanner is looking at the OPTIONS and not the POST/GET/PUT... Tks.

PortSwigger Agent | Last updated: Apr 19, 2018 10:07AM UTC

Hi Cristiano, If you use the extension I linked, setup your scope, then select everything in Proxy History, right-click and choose "Actively scan selected items" - you should be able to start a scan that includes POST/GET/PUT and does not include OPTIONS. I agree this is an area where the UI could be improved. Let me know how you get on.

Burp User | Last updated: Jul 03, 2018 10:52PM UTC

Hello, sorry for the delay. I activated the extension but I do not see the option. Did I do something wrong? Extension loaded: http://oi67.tinypic.com/2hyv6n8.jpg Filter proxy: http://oi64.tinypic.com/15g76sm.jpg Best regards,

PortSwigger Agent | Last updated: Jul 04, 2018 08:47AM UTC

Hi Christiano, The settings you've shown should work. The Filter OPTIONS extension rewrites the response to have mime-type application/octet-stream. So because you have "Other binary" not ticket in the filter, the OPTIONS requests should not appear in your history. Please let us know if you need any further assistance.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.