Skip to content

Burp extension that passively reports various SameSite flags

License

Notifications You must be signed in to change notification settings

PortSwigger/samesite-reporter

 
 

Repository files navigation

burp-samesite-reporter

Burp extension that passively reports various SameSite flags.

You can download a build from this repository by downloading SameSiteReporter.jar.

This extension reports cases where the SameSite cookie flag is explicitly set to None and when it is missing. Handy for developers who want to write secure code and testers who, like me, often forget to check the SameSite value of important cookies.

SameSite=None

Samesite None Issue Samesite None Response

SameSite Missing

Samesite Missing Issue Samesite Missing Response

About

Burp extension that passively reports various SameSite flags

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Java 100.0%