Comments (5)
@eoftedal that is a fair request, I will add it to the to do list.
Thanks,
Alex
from openapi-parser.
@eoftedal I rewrote swurg
from scratch - the version 2.0 is out.
In this version, I use the official Swagger Parser
Java library rather than my own implementation. I also use the IExtenderHelpers
interface provided by the Burp Suite APIs
to build the requests to send to the Active Scanner, Intruder and Repeater
.
At the moment, the Burp Suite APIs
does not enable adding in body
JSON
and XML
parameters - read the following:
/**
* This method adds a new parameter to an HTTP request, and if appropriate
* updates the Content-Length header.
*
* @param request The request to which the parameter should be added.
* @param parameter An <code>IParameter</code> object containing details of
* the parameter to be added. Supported parameter types are:
* <code>PARAM_URL</code>, <code>PARAM_BODY</code> and
* <code>PARAM_COOKIE</code>.
* @return A new HTTP request with the new parameter added.
*/
byte[] addParameter(byte[] request, IParameter parameter);
I added a post to the Burp Suite APIs
repository asking whether they are planning to correct this. I am now waiting for an answer from them.
Best regards,
Alex
from openapi-parser.
@eoftedal, thanks for the feedback.
This behavior is expected, as you can see in the JSON swagger file at http://petstore.swagger.io/v2/swagger.json the pet
endpoint produces and consumes data of type application/json
, application/xml
. Consequently, a work around for your use case would be to manually edit the Swagger file and replace application/json
, application/xml
with application/x-www-form-urlencoded
if what you want is to change the Accept
and Content-Type
headers.
Hope my answer will help you.
from openapi-parser.
If the endpoint consumes application/xml
and application/json
, why does swurg create a request of type application/x-www-form-urlencoded
?
I would like swurg to put JSON in the body, not application/x-www-form-urlencoded when the content-type from swagger clearly says application/json. Is it because of the duplicate content-types ?
from openapi-parser.
from openapi-parser.
Related Issues (20)
- [BUG] Gracefully Handle lack of "servers" object HOT 1
- [BUG] Can't build HTTP request for repeater and other burp tools HOT 4
- [FEATURE] Send to Organizer HOT 2
- Suggest adapting to importing JSON files exported from Metersphere
- OpenAPI parser doesn't load the swagger file HOT 7
- Feature request: Use Hackvertor tabs HOT 1
- Error: User Token doesn't adhere to regular expression ^[a-zA-Z0-9\.\-_]+$]
- Bypass SSL error certificate HOT 6
- OpenAPI parser doesn't load the swagger file in YAML format HOT 1
- Parsing errors on various openapi specs HOT 1
- Cannot invoke "io.swagger.v3.oas.models.OpenAPI.getServers()" because "openAPI" is null HOT 2
- Issue when loading a swagger HOT 2
- Support for JSON body types HOT 1
- parseAccept throws null pointer exception when content is not set HOT 1
- Cannot invoke "io.swagger.v3.oas.models.media.Content.entrySet()" HOT 1
- Failed to build - github CI action? HOT 3
- Extension Doesnt Load Swagger File - AD credentials dont confirm to REGEX
- [BUG] issue when importing Swagger file "Cannot invoke "io.swagger.v3.oas.models.media.Content.entrySet()" HOT 6
- [BUG] OpenAPI Spec Failing to Parse HOT 7
- How to identify the parameter value in the path url ?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openapi-parser.