HTTPS requests from client with no proxy support

3 posts, 0 answers
  1. Ryan
    Ryan avatar
    1 posts
    Member since:
    May 2014

    Posted 14 Oct 2015 Link to this post

    I'm attempting to use Fiddler to debug web traffic from a Roku\Brightscript application, where the client HTTP library does not have built-in proxy support (that I can find). I've been able to get unencrypted traffic running through Fiddler by manually placing a Host header so that a request that would look like this: 

    GET http://www.myserver.com/path

    Becomes:

    GET http://<proxyip>:8888/path
    Host: www.myserver.com

    This is working perfectly, but HTTPS calls are not, and the particular server I'm trying to debug specifically requires HTTPS. I'm referencing the Fiddler root certificate, and I've tried setting Host to "www.myserver.com:443", using both https and http for the protocol of the actual request, and the request continues to either time out or fail immediately. I was hoping somebody would know something simple that I'm missing to get this working. Thanks in advance.

  2. Eric Lawrence
    Admin
    Eric Lawrence avatar
    833 posts

    Posted 16 Oct 2015 Link to this post

    Hi, Ryan--

    What you're trying to do is act as a "Reverse Proxy for HTTPS".

    From the Fiddler book:

    Acting as a Reverse Proxy for HTTPS

    One problem with running as a reverse proxy is that the client never knows that its traffic is really flowing through a proxy server. That means that if the client makes a HTTPS request to Fiddler, it does not establish a CONNECT tunnel first, it instead attempts to begin a HTTPS handshake immediately. Fiddler, expecting a HTTP request, will consider the binary HTTPS handshake as malformed traffic and will abort the connection.

    This problem can be solved by creating an additional network listener for Fiddler to receive HTTPS connections. In the QuickExec box below Fiddler's Web Sessions list, type

        !listen 444 WebServer

    This will create a new network listener on port 444 which will expect all inbound connections to start with a HTTPS handshake. Fiddler will act as the server, returning a certificate for whatever hostname was specified in the second parameter to the listen command. In the example above, the certificate would match any request to https://WebServer.

    After the secure connection is established, the OnBeforeRequest handler in FiddlerScript may route the inbound secure requests to the actual server. You can examine the oS.oRequest.pipeClient.LocalPort property to identify requests that were sent to the secure listener.



    Regards,
    Eric Lawrence
    Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  3. Bolt0n
    Bolt0n avatar
    1 posts
    Member since:
    Sep 2016

    Posted 02 Sep Link to this post

    Hello. Did you try to use some proxy servers? Like http:/advanced.name, or other, for example?
Back to Top