Burp 2.x does not passively scan certain content types it did in 1.7
In Burp 1.7.x Burp would find issues like 'Email address disclosed' on non-HTML content types.
For example if the following was served in 'emails.txt' with Tomcat:
Burp 1.7.x would find and report the 'Email address disclosed' issue.
In Burp 2.x that is no longer the case. Burp will not show these in the passive audit task and therefore the issue will not get reported anymore.
This also happens for other content types like CSS and JS.
This also trickles down to extensions as the 'doPassiveScan' is not getting called for text, CSS and JS content types in my testing.
I tested this using the Burp 1.7.37 installer and Burp 2.0.14beta installer on Windows.
Thanks for letting us know about this. This is a bug which we will resolve in a future version.
Thanks for letting us know Seth.