Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Unable to edit the content headers

Syed Meer Ahmed Jun 25, 2019 01:14PM UTC

What is wrong in the below code ? I do not see the request getting edited as I don't find the 'Edited Request' tab at all:

package burp;

import java.util.List;

public class BurpExtender implements IBurpExtender, IHttpListener, IProxyListener {
// implement IBurpExtender

private IExtensionHelpers helpers;
PrintWriter stdout;

public void registerExtenderCallbacks(IBurpExtenderCallbacks callbacks)
stdout = new PrintWriter(callbacks.getStdout(), true);
helpers = callbacks.getHelpers();

public void processHttpMessage(int toolFlag, boolean messageIsRequest, IHttpRequestResponse messageInfo)
if(messageIsRequest) {
IHttpService httpService = messageInfo.getHttpService();
String host = httpService.getHost();
if(host != null) {


public void processProxyMessage(boolean messageIsRequest, IInterceptedProxyMessage message) {

if(messageIsRequest) {
IHttpRequestResponse messageInfo = message.getMessageInfo();
IRequestInfo rqInfo = helpers.analyzeRequest(messageInfo);
List headers = rqInfo.getHeaders();
headers.add("Meer: This is the test");
String request = new String(messageInfo.getRequest());
String messageBody = request.substring(rqInfo.getBodyOffset());
byte[] updateMessage = helpers.buildHttpMessage(headers, messageBody.getBytes());




Paul Johnston Jun 25, 2019 02:13PM UTC Support Center agent

I think your code will fail with an exception because headers is an immutable list.

I recommend you run Burp from the command line so you can see exceptions from your extension on the console.

You’ll need to do something like:

List<String> headers = new ArrayList<String>(rqInfo.getHeaders());

August Jun 29, 2019 12:25AM UTC
I am pretty sure that extensions' processHttpMessage method gets called after the request has already been sent and thus doesn't actually update the Burp UI (at least this is the behavior I have encountered with my extensions). If you use an upstream proxy or the Logger++ extension you should be able to see whether your extension actually did modify the headers.

Post Your public answer

Your name
Your email address