0

To inspect HTTP traffic between a Node.JS server and a client I simply use WireShark. For HTTPS traffic, WireShark is less useful for inspection because the payloads are encrypted.

Is there a Node.JS utility to inspect the (unencrypted) HTTPS traffic it generates?

Randomblue
  • 112,777
  • 145
  • 353
  • 547
  • I assume you don't have the possibility to host the Node.JS application on your own machine and/or edit the source code? (To insert a traffic dumping routine?) – Christian Dec 28 '13 at 14:41
  • Hm, what's the other endpoint of the HTTPS connection? – Christian Dec 28 '13 at 15:14
  • Possible duplicate of [Can a proxy (like fiddler) be used with Node.js's ClientRequest](https://stackoverflow.com/questions/8697344/can-a-proxy-like-fiddler-be-used-with-node-jss-clientrequest) – KyleMit Jan 15 '19 at 16:44

1 Answers1

3

There is generally three ways to inspect ssl connection:

  1. view at the client
  2. view at the server
  3. execute MitM

Pick any one you want.

Here's traffic dumping monkeypatch for server-side node v0.11.x:

  var tmp = require('_http_server')._connectionListener
  require('_http_server')._connectionListener = function(socket) {
     socket.on('data', function(data) {
        console.log(data.toString('utf8'))
     })
     var w = socket.write
     socket.write = function(data) {
        console.log(data.toString('utf8'))
        w.apply(socket, arguments)
     }
     tmp.apply(this, arguments)
  }
alex
  • 11,935
  • 3
  • 30
  • 42