[英]Client (Mobile) how to intercept and modify http response
I am Android developer, my application uses a bunch of http REST calls and it gets responses from servers.我是 Android 开发人员,我的应用程序使用一堆 http REST 调用并从服务器获取响应。 I use Charles to inspect the data (so I have to install Charles certificate onto my device so that https traffic can be read by myself).我使用 Charles 检查数据(所以我必须在我的设备上安装 Charles 证书,以便我自己可以读取 https 流量)。
Are there any tools out there like Charles that will allow me to modfiy that response packet before sending to the client ??有没有像 Charles 这样的工具可以让我在发送到客户端之前修改该响应数据包?
Charles itself has the functionality. 查尔斯本身就有这个功能。 Follow the steps: 按照步骤:
Depending on what exactly you want to modify, Charles' inbuilt Rewrite Tool might be what you are looking for. 根据您想要修改的内容, Charles的内置重写工具可能正是您所需要的。 You find it in the Tools menu. 您可以在“工具”菜单中找到它。 You can specify which requests shall be modified by protocol, host, port, path and query, and you have the following modification options: 您可以指定应通过协议,主机,端口,路径和查询修改哪些请求,并且您具有以下修改选项:
Another option is Fiddler . 另一种选择是Fiddler 。 Like Charles it can be configured as a proxy for android , decrypt HTTPS traffic and modify request and response . 像Charles一样,它可以配置为android的代理 , 解密HTTPS流量并修改请求和响应 。
You may try OWASP ZAP or Burp Suite . 您可以尝试OWASP ZAP或Burp Suite 。 OWASP ZAP is completely free and provides a number of features. OWASP ZAP完全免费,并提供许多功能。
See also Android : Capturing HTTP Requests with non-rooted android device .另请参阅Android:使用非根 android 设备捕获 HTTP 请求。
I've recently tested HTTP Toolkit on Android emulator.我最近在 Android 模拟器上测试了HTTP Toolkit 。 It works and allows to capture and edit response from a server.它可以工作并允许从服务器捕获和编辑响应。 Some functions are paid (in Pro version).某些功能是付费的(专业版)。 Requires root priviledges on real devices.在真实设备上需要 root 权限。
You can also use Burp Suite or Fiddler.您还可以使用 Burp Suite 或 Fiddler。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.