I'm not sure it's possible but thought I might be missing something.
I'm trying to send a ping request to a server that does not run HTTP-server from chrome extension.
What I know so far:
So I can't initiate an HTTP request and measure the roundtrip, since there is no http server and the server cannot be modified.
chrome.socket - was a thing in Chrome-Packed-Apps, which is deprecated by now.
Any idea how to go about thins?
Thanks in advance
Related
I'm a requesting a url with fetch in my node app and the response status is 464 (without responseText and without any error message). But I could't find any info about that.
Also if I request the same url with my browser (Chrome) then it works fine (no need to send any cookies or auth, it works in incognito window too)
What could be causing this?
EDIT: seems to be a problem with AWS Load Balancer, my problem is exactly this:
https://forums.aws.amazon.com/message.jspa?messageID=964799
But there's no solution in that post, so maybe could be helpful to put it here if someone knows the problem (I'm suspecting is related with HTTP 2.0 but not sure, could it be?)
Response Header in Node is:
Server=awselb/2.0
Content-Length=0
HttpCode=464
But in Chrome:
server: nginx/1.18.0
I had this issue just today. My target group was configured for HTTP/2, but, the backend service was not prepared for that traffic. So, when I rebuilt the target group using HTTP/1.1, traffic began to function as expected.
When creating a target group, the options presented to me for HTTP protocol options were (as shown in the AWS Console):
HTTP/1.1
Send requests to targets using HTTP/1.1. Supported when the request
protocol is HTTP/1.1 or HTTP/2.
HTTP/2
Send requests to targets using HTTP/2. Supported when the request
protocol is HTTP/2 or gRPC, but gRPC-specific features are not
available.
I want to implement proxy server in node.js which is somewhat similar to Charles proxy - it should intercept HTTPS requests from my mobile app, decipher them, route some of them depending on body content to original backend and mock others with some static files.
How this HTTPS stuff is handled in Charles or other proxies?
Will I need self-signed root certificateon mobile device?
Are there any libraries which will help me?
How this HTTPS stuff is handled in Charles or other proxies?
Technically, Charles Proxy or Proxyman.io (the one I'm using now) would do the following steps:
Generate a root certificate and install to keychain and trust it. This steps would do once.
Open the Local Server (at 8888 or 9090).
Override the HTTP Proxy in System to this port. Thus, all traffic will go through the port. You could use the networksetup CLI to easily achieve or Privileged Helper tool on macOS for high performance and secure.
As soon as capture the first socket: If It's a HTTP request, get a first line message. Ex:
GET https://api.producthunt.com/v1/posts HTTP/1.1
Then open the forward socket to this URL.
If it's a HTTPS, make sure do SSL-Handshake and then get the first line message.
Finally, just get the rest of message and parse to proper message(HTTPCParser from NodeJS would be potential candidate)
Send data forward and back from the client and the destination server.
Do manipulation actions if you need since you're the true mitm.
Will I need self-signed root certification mobile device?
Yes, you must install the Root Certificate in the first steps to your iOS device. For the Header/Response detail. Check chls.pro/ssl or proxy.man/ssl from those Charles or Proxyman, and see the content.
You can do it on iOS Simulator by using ADVTrustStore
Are there any libraries which will help me?
You can check the those famous open source to see how it works
- mitmproxy
- zapproxy
- http toolkit
Hope this can help you.
Using Charles Proxy to see your mobile's requests is super easy.
Here is a simple video going over how to set it up. https://www.youtube.com/watch?v=AW2vTBRfOrU
I am currently testing with the Spotify API. Saterday I was able to send a request to https://79777278.spotilocal.com:4371/simplecsrf/token.json (a local Spotify webserver) i updated to version 10.0.62 and it didn't respond anymore. On my other pc (version 10.0.60) its working perfectly. I tried sending the request to https://172.0.0.1:4371/simplecsrf/token.json but I got a connection timeout.
Does anybody know if this API is moved or removed?
It might have been removed. Going to http endpoint directly by ip address a few ports up probably still work. http://127.0.0.1:4381/simplecsrf/token.json
I have a problem with an Express.js service running on production that I'm not able to replicate on my localhost. I have already tried requesting all the urls to production again to my local machine, but on my machine everything works fine. So I suspect that the problem comes with the data on the http headers (cookies, user agents, languages...).
So, is there a way, (some express module, or sniffer that runs on ubuntu) that allows me to easily create a dump on the server with the whole header so I can later repeat those exact requests to my localhost?
You can capture network packages with https://www.wireshark.org/, analyze them and maybe find the difference between your local environment and the production one.
You can try to use a Proxy-Tool like Charles (https://www.charlesproxy.com/) or Fiddler (http://www.telerik.com/fiddler) to log your Browser Requests.
What tool / function can we use on our linux server running CentOS to monitor the http headers that are sent from our application to another application on a different server? Looking for http header monitoring from server to server. My issue is I have no idea how to capture the data sent from the server, meaning the http headers sent via a post. I have tried many methods and third party software's like fiddler2 and ieinspector and the list goes on, but they only seem to capture the client headers and not what is being sent out from the server. I just need to capture the string being sent out via a post function and what is being returned. Seems simple, yet in this case, I'm beyond lost and running out of time to resolve what should be a simple solution. Please advise & thank you kindly.