I believe a useful feature would be to check the value of a certain header, rather than only checking if the header exists and if the usual values are in the response.
For example, being able to check what the value of the X-Powered-By header says would allow authors to provide more relevant guidance for specific text stacks.
Another example of where this would be useful would be to move away from the current paradigm of
```
and "application/json" in {check.response.headers} then
```
where it's only checking to see if application/json is in any of the headers, not if it's in the Content-Type header.
Example of what I'd like to see:
```
detail: The server announces its underlying technology. {latest.response.headers.X-Powered-By}
```
to list all instances of the X-Powered-By header.
or
```
and "application/json" in {check.response.headers.Content-Type} then
```
Since multiple can be in the response, having a way to interact with individual ones or all at once would be useful as well.
Thanks for the feedback! Retrieving the values of headers is requested fairly frequently - we've added your +1 to this functionality.
We're gathering any bits of feedback about BChecks we can get, so if there's any other functionality you would like to have or you think is missing, then please let us know!
Seconded. I thought I'd write a quick BCheck of people using static nonces in the content security policy. But without a means to access that header's value it doesn't seem possible with BChecks. So 👍 for accessing header content :)
It is possible to identify specific content using regex matching. However, you will need to be fairly specific with your regular expression to avoid false positives.
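The difference between matching anywhere in the header block and matching one named header's value, as an added example in Python (not BCheck code and not from anyone in this thread). The function names and both sample responses are constructed for illustration; the same anchoring on the header name at the start of a line is what keeps a regex workaround from producing false positives, and the last function covers the static CSP nonce case raised above.

```python
import re

def header_values(raw_headers, name):
    """Every value of header `name` (case-insensitive), one entry per header line."""
    pat = re.compile(r"^" + re.escape(name) + r":[ \t]*(.*?)[ \t]*\r?$", re.I | re.M)
    return pat.findall(raw_headers)

def is_json_response(raw_headers):
    """True only when the Content-Type header itself declares application/json."""
    return any(v.split(";")[0].strip().lower() == "application/json"
               for v in header_values(raw_headers, "Content-Type"))

def csp_nonces(raw_headers):
    """All nonce values found in any Content-Security-Policy header."""
    nonces = set()
    for value in header_values(raw_headers, "Content-Security-Policy"):
        nonces.update(re.findall(r"'nonce-([A-Za-z0-9+/_=-]+)'", value))
    return nonces

def static_nonces(first, second):
    """Nonces reused across two responses; a per-response nonce should never repeat."""
    return csp_nonces(first) & csp_nonces(second)

# Constructed sample response headers (not captured from a real server).
RESP_A = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    'Link: </schema>; rel="describedby"; type="application/json"\r\n'
    "X-Powered-By: PHP/8.2.0\r\n"
    "x-powered-by: Express\r\n"
    "Content-Security-Policy: script-src 'nonce-r4nd0m' 'strict-dynamic'\r\n"
)
RESP_B = RESP_A.replace("text/html; charset=utf-8", "application/json")  # same nonce
RESP_C = RESP_A.replace("r4nd0m", "0th3r")                               # fresh nonce

if __name__ == "__main__":
    # Substring check over all headers fires because of the Link header.
    print("substring match on RESP_A:", "application/json" in RESP_A)
    print("Content-Type match on RESP_A:", is_json_response(RESP_A))
    print("X-Powered-By values:", header_values(RESP_A, "X-Powered-By"))
    print("reused nonces A/B:", static_nonces(RESP_A, RESP_B))
    print("reused nonces A/C:", static_nonces(RESP_A, RESP_C))
```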