Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to inspect websocket traffic with charlesproxy for iOS simulator/devices

I would like to inspect network traffic going through web sockets, I have no control over the networking code as this is a binary lib for which I do not have the source code, so I cannot do any log/breakpoint in the networking part of the code.

I have tried using the latest version of CharlesProxy which claim to be able to sniff websockets however when I tried the url and apis using websockets were not even mentionned in the list of endpoints called from my iPhone.

Version 3.11 release notes

I have verified that CharlesProxy is configured correctly as I am able to inspect non-websocket traffic even under SSL.

So my question is: did anyone find a solution to inspect traffic going through websockets with CharlesProxy?

Note: I have ATS disabled when using iOS9

Thanks!

like image 915
matanwrites Avatar asked Oct 12 '15 20:10

matanwrites


People also ask

How does iOS connect to Charles proxy?

Open Settings, tap Wi-Fi and verify you're connected to the same network as your computer. Then, tap the ⓘ button next to your Wi-Fi network. Scroll down to the HTTP Proxy section, select Configure Proxy and then tap Manual. Enter your Mac's IP address for Server and the Charles HTTP Proxy port number for Port.

How do I use Charles Proxy on Mac?

Start Using Charles On Mac OS X you'll be asked a question about your Mac OS X Proxy Settings. In order to autoconfigure your proxy settings on Mac OS X you need to grant permission to Charles by entering your password. You can answer “Not Yet” to these two questions and you'll have the opportunity later.


1 Answers

I finally found the answer.

Charles 3.11.2 works perfectly with WebSocket.

I use socketIO, so I've already seen http requests sent during the negotiation phase, but I missed websockets traffic.

In the beginning, socketIO try to use polling then switches to use websockets.

The websocket traffic is visible when you go to the request with status: "Sending request body" which is actually wss:// request.

You even have a dedicated tab for this kind of traffic. The rest of messages will appear right there.

enter image description here

PS1. Ensure you're connected to socket properly then it appears in Charles.
PS2. I suggest using socketIO it's a great enhancement for full-duplex traffic like websockets.

like image 106
klimat Avatar answered Sep 20 '22 15:09

klimat