- #DEFINE SESSION RESTORE UPDATE#
- #DEFINE SESSION RESTORE MANUAL#
- #DEFINE SESSION RESTORE PROFESSIONAL#
- #DEFINE SESSION RESTORE WINDOWS#
You could use this to automatically log back in to an application part way through an automated scan or Intruder attack.
#DEFINE SESSION RESTORE UPDATE#
For example, you could configure a rule to run a macro and update specified cookie and parameter values based on the result. You can combine any of these actions to handle virtually any session handling mechanism.
The description you provide appears on the rule editor's list of active rules.Īccess the Rule Actions setting from the Details tab. This setting enables you to describe what the rule does.
#DEFINE SESSION RESTORE PROFESSIONAL#
PROFESSIONAL COMMUNITY Session handling rule editor Managing application logins using the configuration library.Spoofing your IP address using Burp Proxy match and replace.Testing for reflected XSS using Burp Repeater.Viewing requests sent by Burp extensions using Logger.Resending individual requests with Burp Repeater.
#DEFINE SESSION RESTORE MANUAL#
Augmenting manual testing using Burp Scanner.Intercepting HTTP requests and responses.Viewing requests sent by Burp extensions.Testing for asynchronous OS command injection vulnerabilities.Testing for OS command injection vulnerabilities.Bypassing XSS filters by enumerating permitted tags and attributes.Testing for web message DOM XSS with DOM Invader.Testing for SQL injection vulnerabilities.Testing for parameter-based access control.Identifying which parts of a token impact the response.To use the sessions API you must have the "sessions" API permission.Search Professional and Community Edition For example, a tab grouping extension might use this to remember which group a tab is in, so as to restore it into the right group if the user restores the tab. Then, if the tab or window is closed and subsequently restored, the extension can retrieve the state. This API also provides a group of functions that enable an extension to store additional state associated with a tab or a window. Restoring doesn't just reopen the tab: it also restores the tab's navigation history so the back/forward buttons will work. You can then restore a window or tab using the sessions.restore() function.
#DEFINE SESSION RESTORE WINDOWS#
The sessions.getRecentl圜losed() function returns an array of tabs.Tab and windows.Window objects, representing tabs and windows that have been closed since the browser was running, up to the maximum defined in sessions.MAX_SESSION_RESULTS. Use the sessions API to list, and restore, tabs and windows that have been closed while the browser has been running.
Differences between API implementations.