Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Request Intercept and Self Signed Certificates

See original GitHub issue

I am trying to intercept every request, then modifying its response’s body and sending to browser. It all works fine until SSL certificate of website is valid. If some website has self signed SSL certificate then request always shown as pending in network section of developer console of Chromium and my interception function is never called. Even I have added setOverrideCertificateErrors to true and added listener for certificateError. How to solve this issue?

const chromeLauncher = require('chrome-launcher');
const CDP = require('chrome-remote-interface');
const atob = require('atob');
const btoa = require('btoa');

async function main() {
    const chrome = await chromeLauncher.launch({
        chromeFlags:
            [
                '--window-size=1200,800',
                '--user-data-dir=/tmp/chrome-testing',
                '--auto-open-devtools-for-tabs'
            ]});

    const protocol = await CDP({ port: chrome.port });
    const { Runtime, Network, Security } = protocol;
    const activated = await Promise.all([Runtime.enable(), Network.enable(), Security.enable()]);

    Security.certificateError(({eventId}) => {
        console.log("Ignoring cert error for " + eventId);
        Security.handleCertificateError({
            eventId,
            action: 'continue'
        });
    });

    await Security.setOverrideCertificateErrors({override: true});

    console.log("Network enabled: " + activated);

    await Network.setRequestInterception({patterns: [{
        urlPattern: '*',
            interceptionStage: 'HeadersReceived' }]});

    Network.requestIntercepted(async ({interceptionId, request}) => {
        console.log(`Intercepted ${request.url} {interception id: ${interceptionId}}`);
        const response = await Network.getResponseBodyForInterception({ interceptionId });
        console.log("Actual Body: " + response.body);
        const bodyData = response.base64Encoded ? atob(response.body) : response.body;
        // Do some changes to original data then forward it
        console.log("Decoded Body: " + bodyData);
        Network.continueInterceptedRequest({interceptionId});
    });
}

promise = main();
promise.then(value => console.log("Done Setting Up"));

Issue Analytics

State:
Created 5 years ago
Comments:5 (2 by maintainers)

Top GitHub Comments

1reaction

kamilmahmoodcommented, Oct 12, 2018

I have opened a issue on Chromium Bug tracker. Link to the issue https://bugs.chromium.org/p/chromium/issues/detail?id=894847&can=2&q=certificate&colspec=ID%20Pri%20M%20Stars%20ReleaseBlock%20Component%20Status%20Owner%20Summary%20OS%20Modified

0reactions

kamilmahmoodcommented, Oct 12, 2018

--ignore-certificate-errors seems to do the trick. It is working now. Thanks for helping.

Top Results From Across the Web

Configure SSL intercept for an explicit deployment using a self ...

Create a self-signed certificate; View and validate the new certificate; Enable SSL detection for explicit proxy requests; Select the new ...

What is a Self-Signed Certificate? Advantages, Risks ...

In this case, the certificate is signed with its own private key, instead of requesting it from a public or a private CA....

Managing certificates for intercepting SSL connections

You can use the following types of certificates: Self-signed certificate. CSR-based certificate. PFX-based certificate. Comparative characteristics of ...

tls - How is intercepting my own HTTPS traffic possible?

The solution is to install a root certificate from Burpsuite. When you install it, you're saying that you trust any certificate signed by ......

How to install and trust self-signed certificates on Android 11?

1. Download your self-signed certificates · 2. Install & Trust · 3. Verify that you're trusted the certificate · 4. Start intercepting HTTPS ......