Be careful in the params tab in Repeater and Proxy with @Burp_Suite 2020.6. For me, cookies are now showing correctly and are getting messed up if I try to edit them.
I've reported it to them
I've reported it to them
I'll try to explain this issue, it was 4AM when I found it and thought something odd was going on. These requests are coming from 78.0.1 in Ubuntu, not some odd custom client.
I'm on Burp 2020.6 with the new HTTP/2 mode enabled.
If I search Google, I see a request like this, notice the multiple separate Cookie headers.
If I search Google, I see a request like this, notice the multiple separate Cookie headers.
All the requests I'm seeing it on also have this header:
Te: trailers
I don't know if this is significant or not.
Te: trailers
I don't know if this is significant or not.
Even though the requests all say HTTP/1.1, this is doing it on sites I know the request is going over HTTP/2 in, so I think it is related to that.