Burp Repeater Options

The Repeater menu controls aspects of Burp Repeater's behavior. The following options are available:

  • Update Content-Length - This option controls whether Burp automatically updates the Content-Length header of the request where necessary. Using this option is normally essential when the request message contains a body.
  • Unpack gzip / deflate - This option controls whether Burp automatically unpacks gzip- and deflate-compressed content received in responses.
  • Follow redirections - This setting controls whether redirection responses are automatically followed. The following options are available:
    • Never - Repeater will not follow any redirections.
    • On-site only - Repeater will only follow redirections to the same web "site", i.e. to URLs employing the same host, port and protocol as was used in the original request.
    • In-scope only - Repeater will only follow redirections to URLs that are within the suite-wide target scope.
    • Always - Repeater will follow redirections to any URL whatsoever. You should use this option with caution - occasionally, web applications relay your request parameters in redirections to third-parties, and by following redirections you may inadvertently attack an application that you do not intend to.
    Note: If Repeater receives a redirection response which it is not configured to follow automatically, it will display a "Follow redirection" button near to the top of the UI. This allows you to manually follow the redirection after viewing it. This feature is useful for walking through each request and response in a redirection sequence. New cookies will be processed in these manual redirections if this option has been set in the "Process cookies in redirections" option described below.
  • Process cookies in redirections - If this option is selected, then any cookies set in the redirection response will be resubmitted when the redirection target is followed.
  • View - This submenu lets you configure the layout of the request/response panel. You can view the HTTP messages in a top/bottom split, a left/right split, or in tabs.
  • Action - This submenu contains the same options as are available on via the context menu of the request and response message editors.