Apache Tomcat "Transfer-Encoding" Bug
When trying to exploit CVE-2010-2227 on a vulnerable Apache Tomcat server I've noticed that Burp (1.6.06) deletes "Transfer-Encoding" HTTP header when using as a proxy.
Thanks for your message.
Burp does indeed remove the TE header but this is intended behavior. The TE header is generally used to specify chunked encoding, and because Burp operates as a store-and-forward proxy, it needs to remove chunked-encoding metadata from HTTP messages so that they are user readable and editable. Burp always changes messages so that they include a Content-Length header. This makes for much more reliable networking when Burp is mediating between the client and server, and making its own requests.
If you need to attack the HTTP layer itself, rather than the app that is running above it, we’d recommend using a lower-level tool to give you direct unmodified access to the wire data, such as netcat.
Hope that helps.