Reputation: 31
Does anyone have a websocket connection working with an application proxy (e.g. Burp or ZAP)?
For example, I have a working version of jWebSockets which works perfectly on my local machine.
However, when I intercept with Burp or ZAP the connection times out and I get no server response back.
I have increased the timeout settings on the server side but this does not make a difference.
I have also tried using the invisible proxy option.
Thank you.
Upvotes: 3
Views: 1777
Reputation: 6236
There are very few tools that support web sockets right now, as it's really a completely new protocol.
The current version of ZAP (1.4.1) won't, but the next major version will: http://code.google.com/p/zaproxy/wiki/GSoC2012_WebSockets
If you can build ZAP from the trunk then it will support web sockets - build instructions here: http://code.google.com/p/zaproxy/wiki/Building
It will allow you to view web socket traffic, intercept and change it and fuzz it to try and find vulnerabilities.
Let us know if you have any problems with it, e.g. via the ZAP developer group: http://groups.google.com/group/zaproxy-develop
Simon (ZAP Project Lead).
Update - Web Sockets support in ZAP is now available in the weekly cross-platform releases, which can be downloaded from http://code.google.com/p/zaproxy/downloads/list so you don't have to build it yourself.
Upvotes: 1