Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Enterprise EditionProfessional

Scanning single-page apps

  • Last updated: March 1, 2024

  • Read time: 2 Minutes

Burp Scanner can handle virtually all types of modern web application, including single-page applications (SPAs). The dynamic nature of SPAs means that you may need to use a custom configuration in order to scan them accurately.

Configuring scans of SPAs

To configure SPA scans, you will need to add a custom scan configuration to the scan configuration library. You can then apply this configuration to your SPA sites (in Burp Suite Enterprise Edition) or select it when launching a scan of an SPA (in Burp Suite Professional).

More information

For more information on using custom scan configurations, see:

When you create a scan configuration to use with SPAs, consider the following:

Crawl strategy

If the scan's coverage is not as expected, change the crawl strategy to More Complete. If this does not have an effect, change it to Most complete. The Most complete crawl strategy is best suited for SPAs but significantly increases crawl time.

We do not recommend the Fastest crawl strategy to scan SPAs, as this configuration is only suitable for static sites without any stateful functionality. Also, the Fastest crawl strategy does not support links that require the scanner to click (for example, anything that uses onClick or element.addEventListener('click', fn)).

You can use the Crawling > Crawl Optimization > Crawl Strategy scan configuration setting to change the crawl strategy.

Routing fragments

SPAs often use URL fragments for client-side routing. This enables them to display what appear to be several distinct pages without the browser making additional requests to the server. Burp Scanner needs to know whether the target application uses fragments in this way in order to crawl it effectively. By default, if a fragment contains any of the following characters, the crawler assumes that it is used for client-side routing: / \ ? = &.

If an app that uses fragments for client-side routing does not perform as expected, make sure that the Crawling > Miscellaneous > Application uses fragments for routing scan configuration option is selected.

Non-standard clickable elements

If the app uses non-standard clickable elements, select the Crawling > Crawl Optimization > Crawl Strategy > Settings > Click all clickable elements scan configuration option. Note that this is a work-in-progress feature that is only available when you scan via Burp Suite Professional, and results may be varied.

Note

We continually look to improve our crawl coverage. If you encounter an application you think we should be better at scanning, and can provide us with access to the application and permission to scan it, we would be happy to test it remotely in our environment.

Related pages:

Was this article helpful?