Websocket support

[YanKawaYu]

Hi guys, I really appreciate your work. It's awesome!!! I need to decode and encode protobuf for websocket. Is it possible that you can support the WebSockets history tab as well? Looking forward to hearing from you guys. Thanks

[rwinkelmaier-ncc]

Hi!

I would love to be able to manipulate websocket messages, but I don't there is a clean way to do it at the moment.

Portswigger added an API for websockets in the new "Montoya" extension API, but I don't think that will ever make it into the Legacy extension API. And, as far as I know, there is no support for Python extensions on the Montoya API and there no information from Portswigger on if or when that's going to happen.

I have a couple ideas that could work, like shelling out to python from a montoya extension or rewriting in Java, but not a huge fan of either.

One thing I could try to do is add more ways of parsing a protobuf through the UI. Maybe a global tab that allows you to copy/paste a payload to the tab to decode/encode, or a context menu. It wouldn't be as nice as having a message editor tab, but would at least be there.

I'll go ahead and leave this issue open for now so I can keep it in mind and look at options.

[YanKawaYu]

Get it. Appreciate your detailed explanation!

[rwinkelmaier-ncc]

For reference, in case anyone is looking for websocket support:

There's no support for websockets in the Burp extension yet. However, the repository now has a mitmproxy addon which supports decoding websocket messages (but not editing). There is also now a CLI, which you can copy-paste data to from websocket messages.