modify javascript with Burp, if js is in separate file, but gets loaded in the same HTTP response

Question

I am using Burp to intercept and modify server response. The response message has html <script> elements inside of it. Something like this:

<script type="text/javascript" src="/js/real.js">

Since this is inside html response I have no power to actually look into and modify the real.js script, beacause hitting "Forward" allows to execute this js script. How can I inspect real.js script with Burp?

score 3 · Answer 1 · answered Jun 09 '16 at 21:45

Have you tried selecting the Proxy Tab, then select 'Options' in the set of tabs below. If I remember correctly burp defaults enabled the proxy server option for: File extension does not match (^gif$|^jpg$|^png$|^css$|^js$|^ico$) which will prevent the proxy from intercepting .js files. If you uncheck enabled for Intercept Server Responses you should see the js script.

modify javascript with Burp, if js is in separate file, but gets loaded in the same HTTP response

1 Answers1