Wildcard domains not capturing as expected.

[isadon]

Proxyman version? (Ex. Proxyman 1.4.3)

Proxyman Version 2.18.0 (21800)

macOS Version? (Ex. mac 10.14)

macOS 11.2.1 (20D74)

Steps to reproduce

1. Add cloudfunctions.net Wildcard to SSL Proxy List - you will see that cloudfunctions.net* gets added....
2. Add cloudfunctions.net Wildcard to Allow White List, make sure Include all Subpaths of this url is checked.
3. Curl the following and notice Proxyman does not capture the result.:

curl "https://us-central1-test.cloudfunctions.net/sendLogTest"

4. Remove the cloudfunctions.net* Wildcard entry from SSL Proxy List and add *.cloudfunctions.net*.
5. Modify the cloudfunctions.net Wildcard entry from Allow List to be *.cloudfunctions.net*.
6. Perform step 3 again and notice the request is now captured.

Expected behavior

Proxyman should capture the request when entering SSL Proxy List and Allow List Wildcard domain to be cloudfunctions.net result without having to add *.cloudfunction.net* as a Wildcard which will work. Entering that is pretty much entering a Regex, the user expects that cloudfunction.net for both SSL Proxy List and Allow white list should capture this scenario.

[NghiaTranUIT]

@donileo I suppose that if we want to:

• Match all sub-domain, we should use *.cloudfunction.net (One asterisk(*) and Include all subpath is checked)

the user expects that cloudfunction.net for both SSL Proxy List and Allow white list should capture this scenario.

I don't think that cloudfunction.net should match sub-domains too, because they're different.

Regarding *.cloudfunctions.net*

It might be a bug, I will check it out 👍

[isadon]

@NghiaTranUIT I actually forgot to mention above that using *.cloudfunctions.net for SSL Proxy List and Allow list also doesn't capture the curl request. It has to be *.cloudfunctions.net*.

When you add *.cloudfunctions.net to SSL Proxy List it automatically becomes *.cloudfunctions.net* which seems like a separate bug? Maybe not..

[NghiaTranUIT]

I actually forgot to mention above that using .cloudfunctions.net for SSL Proxy List and Allow list also doesn't capture the curl request. It has to be .cloudfunctions.net*.

It might be a bug. I'm investigating it and send you a beta build soon 👍

[NghiaTranUIT]

Sorry for the delay, I'm so busy working on other tickets for the 2.19.0 release (https://github.com/ProxymanApp/Proxyman/milestone/102)

When you add .cloudfunctions.net to SSL Proxy List it automatically becomes .cloudfunctions.net* which seems like a separate bug? Maybe not.

It's not a bug. We intentionally add the to the end to make sure all subpaths of this domain are matched. Many people forget the append the trailing , so Proxyman could not enable SSL Proxying.

Solution => For the wildcard domain, I present the prefix to make it clear that it's a wildcard. For instance, Wildcard: *.cloudfunctions.net*

Regarding *.cloudfunctions.net and "Include all subpath" is ON that not match the curl

It's a bug. I'm working on it now 👍

[NghiaTranUIT]

Hey @donileo Let check out this Beta build: https://proxyman.s3.us-east-2.amazonaws.com/beta/Proxyman_2.18.0_Fix_Wildcard.dmg

From now, *.cloudfunctions.net* in SSL Proxying and *.cloudfunctions.net with "ON Include Subpath" on Whitelist will match your cURL.

[isadon]

Hi @NghiaTranUIT I have tested and believed the issue is now fixed. I am however seeing something new which is that when selecting to add the Wildcard To Allowlist and checking the Allow all Subpaths option back in SSL Proxy List a new entry gets added. I don't believe that’s normal as I should only see the items that I have added in SSL Proxy List. Below is a screenshot of what gets added.

The wildcard item in blue is what I initially had.. The item pointed to by the arrow gets added after adding the Wildcard to the Allow list.

[NghiaTranUIT]

It's our decision to help people resolves their common mistakes:

Many Proxyman users didn't know that they have to enable SSL on a domain that they added to Block List / Allow List / Other tools. As a result, we've received a lot of questions about why the Block/Allow List doesn't work after adding a new rule.

The answer is quite simple. Just add a domain (in Block/Allow list) to SSL Proxying List or right-click on them -> Enable SSL Proxying.

To make it easier to use, we decide to automatically create a rule in SSL Proxying as soon as new rules are added in debugging tools.

---

From your case, it looks like a bug, because *.cloudfunction.net is a wildcard, but it appears as a domain. I will fix it 👍