打p扩展：添加标头到响应 [英] Burp Extension: add header to response

问题描述

帮新手编写扩展程序...我正在尝试向响应中添加标头以测试CSP规则。我发现有很多资源可以将标头添加到请求中，但不能添加响应。这是我到目前为止拥有的（无效）代码：

Burp newbie writing an extension... I am trying to add a header to the response to test CSP rules. I have found lots of resources to add headers to Requests, but not for Responses. Here is the (non-working) code I have so far:

def processHttpMessage(self, toolFlag, messageIsRequest, messageInfo):

    # determine what tool we would like to pass though our extension:
    if toolFlag == 4: #if tool is Proxy Tab
        # determine if request or response:
        if not messageIsRequest:#only handle responses
            response = messageInfo.getResponse() #get Response from IHttpRequestResponse instance
            responseStr = self._callbacks.getHelpers().bytesToString(response)
            responseParsed = self._helpers.analyzeResponse(response)
            body = responseStr[responseParsed.getBodyOffset():]
            headers = responseParsed.getHeaders()

            headers.add('MYHEADER: TEST')

            httpResponse = self._callbacks.getHelpers().buildHttpMessage(headers, body)
            return

推荐答案

我认为您找到了扩展名，但是您可以在程序的标准版本中执行此操作。

I think you found an extension but you can just do this in the standard version of the program.

代理选项卡>选项卡的第二行选项>向下滚动要匹配和替换>点击添加>将类型更改为响应标题，将新标题放入替换。正如默认文字在匹配中所说，留空以添加新标题

Proxy Tab > 2nd row of tabs Options > scroll down to Match and Replace > Hit Add > Change Type to Response Header, Put the new header in Replace. And as the default text says in Match 'leave blank to add a new header'

这篇关于打p扩展：添加标头到响应的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！