Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Modifying websockets message content
See original GitHub issueSteps to reproduce the problem:
- Create a simple script to modify the websocket’s message content
- Run mitmdump like this: “mitmdump.exe --script websockets_com.py --mode “upstream:https://127.0.0.1:8090” --ssl-insecure”
- The messages are sent unmodified to the upstream proxy and to the server. No errors or exceptions
Any other comments? What have you tried so far?
Example of my code (based on https://github.com/mitmproxy/mitmproxy/blob/master/examples/simple/websocket_messages.py):
def websocket_message(flow):
message = flow.messages[-1]
binContent= message.content
aux = umsgpack.unpackb(binContent)
finalJSON = json.dumps(decode_msgpack2(aux)) # decode_msgpack is a function that returns a dict
message.content = re.sub(r'.*', finalJSON, format(strutils.bytes_to_escaped_str(message.content)))
# I also tried:
## message.content = finalJSON
## flow.messages[-1].content = finalJSON
# And to set the content of the new message to plaintext instead of binary data (the original is binary)
## message.type = 0x1
print(message.content) # here the JSON is printed as string, but it is still sent with the original content
I’ve tried without the upstream proxy that I have only for debugging purposes (Burp), and the result is the same.
System information
Windows 10 x64 PS C:\WINDOWS\system32> mitmdump.exe --version Mitmproxy: 4.0.4 Python: 3.6.5 OpenSSL: OpenSSL 1.1.0g 2 Nov 2017 Platform: Windows-10-10.0.15063-SP0
Issue Analytics
- State:
- Created 5 years ago
- Reactions:1
- Comments:12 (7 by maintainers)
Top Results From Across the Web
javascript - Intercept WebSocket messages - Stack Overflow
To be able to modify the onmessage we have to override the global WebSocket in the first place. The below is intercepting the...
Read more >WebSocket: message event - Web APIs | MDN
The message event is fired when data is received through a WebSocket . Syntax. Use the event name in methods like addEventListener() ,...
Read more >How to modify websocket message using fiddler
I want to modify the json value, such as from DEV to PROD....but is there any UI to do that easily?
Read more >Part 1 - Send & receive - websockets 10.4 documentation
Create an app.py file next to connect4.py with this content: ... In JavaScript, you receive WebSocket messages by listening to message events.
Read more >Testing for WebSockets security vulnerabilities - PortSwigger
As well as intercepting and modifying WebSocket messages on the fly, you can replay individual messages and generate new messages. You can do...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
If you get the last websocket message, you can check
message.from_clientwhich should be True or False.You can call
message.kill()to prevent it from being sent to the other endpoint.