This extension adds the necessary content for the browser to know that a source map is available and then it injects that source map in such a way that the browser doesn't need to check for CORS violations. Browsers don't behave exactly the same with source maps as they do for all other resources, but, they do tend to apply things like CORS policies. (For example, you won't see the browsers request for a ".map" file within the network sub-section of the developer tools).
Once the extension has been installed, navigate to the new tab and double check the settings. Not many options to choose from and the main thing to note is that the location that the extension will look for ".map" files. Change this setting, or make the directory, and make sure that all your map files are located here. No need for sub-directories and so on, just make sure the map files have exactly the same name as the original JS file but additionally have the ".map" extension.
For example: "main-320943204324.min.js" should become: "main-320943204324.min.js.map"
Once this is done, visit your target web application, open the developer tools and visit the "Sources" (Chrome) or "Debugger" tabs to trigger the browser to fetch the source map files. Once this is done, you should be able to see the extra resources in the file tree.
Debug output is currently sent to the SourceMapper pane within the extensions tab under "Output".
|Last updated||20 May 2022|
You can install BApps directly within Burp, via the BApp Store feature in the Burp Extender tool. You can also download them from here, for offline installation into Burp.
|You can view the source code for this BApp by visiting our GitHub page.|
|Follow @BApp_Store on Twitter to receive notifications of all BApp releases and updates.|
Please note that extensions are written by third party users of Burp, and PortSwigger Web Security makes no warranty about their quality or usefulness for any particular purpose.