search

webmetrics / browsermob-proxy

NOTICE: this project has been forked and is being maintained at https://github.com/lightbody/browsermob-proxy
https://github.com/lightbody/browsermob-proxy
Apache License 2.0
232 stars 763 forks source link

wireUpSslWithCyberVilliansCA #105

Closed julianherty closed 11 years ago

julianherty commented 11 years ago

Hi,

I'm having an issue with browsing https pages using a "self signed certificate". Every time i try to access the website there is a "Server not found error".

Everything is working fine for others websites (in https and http) , i'm using browsermob-proxy beta 7 (JAVA or REST --> same error) with chrome and firefox manualy launched and correctly configured.

I launched a debug trace of browsermob-proxy and find that the problem happen in the class SeleniumProxyHandler in this function (line 573):

protected void wireUpSslWithCyberVilliansCA(String host, SslRelay listener) {
    File root = File.createTempFile("seleniumSslSupport", host);
    [...]

The host variable start with a '*' so the JVM fail to create a file with this name (because i'm on windows ...)

This is the class that append a '*' in front of the host : BrowserMobProxyHandler.wireUpSslWithCyberVilliansCA(String host, SeleniumProxyHandler.SslRelay listener) (line 86)

if (originalHosts.size() == 1) {
         host = originalHosts.get(0);
} else {
         // Warning: this is NASTY, but people rarely even run across this and those that do are solved by this
         // ok, this really isn't legal in real SSL land, but we'll make an exception and just pretend it's a wildcard
         String first = originalHosts.get(0);
         host = "*" + first.substring(first.indexOf('.'));
}

I think this bug shouldn't happen on Unix system and as the commentary said it should be rare.

Maybe a fix could be to remove invalids characters when we create the temporary file?

For now i will try to use browsermobproxy on a linux OS but other people might encounter this problem.

I hope you can find the time to fix it.

Thanks for this great tool !

lightbody commented 11 years ago

Unfortunately I don't have a Windows system to test with, but I'm betting that if you introduce some simple code that whenever the file is written to or read from we just do host.replace("*", "_") that might solve it. Would you be able to try it out and let us know?

julianherty commented 11 years ago

Hi,

I'm using a linux system for now and it work really well ! Thanks again for this wonderful tool.

Sorry i didn't come back sooner, i tried what you proposed by replacing this line in SeleniumProxyHandler.java

File root = File.createTempFile("seleniumSslSupport", host);

by those two : 

String escapedHost = host.replace('*', '_');
File root = File.createTempFile("seleniumSslSupport", escapedHost);

I don't know if this will break other things in the code but i tried to open about 20 pages with my own signed certificates and it worked well (i could get the har, change headers ...) there was no apparent problem.

I decided to use a linux system for browsermob-proxy but maybe it will help others users who must use windows.

Thanx for your support.

lightbody commented 11 years ago

This is fixed in the primary development line, which is at https://github.com/lightbody/browsermob-proxy