|resources:||Home How to Use it Screenshots Warnings Installation To do Source Code Members|
- If you don't understand security testing, or the values contained in the request header and body, then don't change them.
- Modifying values in headers and the request body, especially using the context menu suggestions, will generally cause web applications to fail. Well designed web applications will detect the bad values, and fail gracefully, and potentially trigger investigations of malicious behavior. Poorly designed applications, may fail in ways difficult to detect, but in general, will also trigger investigations of malicious behavior.
- I don't recommend tampering with requests to web sites outside of your direct control
Security and PrivacyAll data in request headers and body is recorded.
Be aware of this when surfing to sites that request passwords etc.
e.g. it may not be a good idea to leave this extension running while performing online banking.
CompatibilityAs this tool modifies values in the request other tools such as live http headers (which the complicated parts of this code are based on) may not work correctly at the same time as tamperdata.
Potential BugsSome things I see as potential causes of problems:
- Tamper confirmation pop up is modal to the tamper dialog, you can still access the browser window to add additional request to the queue - don't do this
- Request/Response matching will get confused by stops and multiple reloads. Just press clear and start again