Burp新手编写扩展程序...我试图在响应中添加一个标头来测试CSP规则。我已经找到了很多资源来向请求添加标头,但是没有为响应添加标头。这是我到目前为止的(非工作)代码:
def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo):
# determine what tool we would like to pass though our extension:
if toolFlag == 4: #if tool is Proxy Tab
# determine if request or response:
if not messageIsRequest:#only handle responses
response = messageInfo.getResponse() #get Response from IHttpRequestResponse instance
responseStr = self._callbacks.getHelpers().bytesToString(response)
responseParsed = self._helpers.analyzeResponse(response)
body = responseStr[responseParsed.getBodyOffset():]
headers = responseParsed.getHeaders()
headers.add('MYHEADER: TEST')
httpResponse = self._callbacks.getHelpers().buildHttpMessage(headers, body)
return
答案 0 :(得分:2)
我认为您找到了扩展程序,但我可以在程序的标准版本中执行此操作。
代理选项卡>第二行标签选项>向下滚动到匹配和替换>点击添加>将类型更改为响应标题,将新标题放入替换。正如默认文字在“匹配”中所示,请留空以添加新标题'