Reputation: 11862
How to start OWASP ZAP proxy with Chrome webdriver and java?
I download today (13-05-2020) a new OWASP ZAP. I regenerate root CA certificate. I configure local proxy to localhost:8092
After un run a simple java code:
public static void main(String[] args) throws InterruptedException {
Proxy proxy = new Proxy();
proxy.setAutodetect(false);
proxy.setHttpProxy("localhost:8092");
proxy.setSslProxy("localhost:8092");
final OperatingSystem currentOperatingSystem = OperatingSystem.getCurrentOperatingSystem();
String pathWebdriver = String.format("src/test/resources/drivers/%s/googlechrome/%s/chromedriver%s", currentOperatingSystem.getOperatingSystemDir(),
SystemArchitecture.getCurrentSystemArchitecture().getSystemArchitectureName(), currentOperatingSystem.getSuffixBinary());
if (!new File(pathWebdriver).setExecutable(true)) {
logger.error("ERROR when change setExecutable on " + pathWebdriver);
}
System.setProperty("webdriver.chrome.driver", pathWebdriver);
final ChromeOptions chromeOptions = new ChromeOptions();
chromeOptions.addArguments("--ignore-certificate-errors");
chromeOptions.setCapability(CapabilityType.PROXY, proxy);
chromeOptions.setCapability(CapabilityType.ACCEPT_SSL_CERTS, true);
chromeOptions.setCapability(CapabilityType.ACCEPT_INSECURE_CERTS, true);
WebDriver driver = new ChromeDriver(chromeOptions);
for (int i = 0; i < 6; i++) {
//driver.get("http://www.google.com/ncr");
// www.google.com work (OWASP ZAP list all requests) but not localhost
driver.get("http://localhost:8080/ui");
}
driver.quit();
}
Selenium script run OK but OWASP ZAP don not intercept any requests.
Upvotes: 0
Views: 4831
Answers (1)
Reputation: 1526
You'll need to ensure you include SSL proxy details (along side the HttpProxy details), ex:
proxy.setSslProxy("<proxy-host>:<proxy-port>");, or more specifically proxy.setSslProxy("localhost:8092"); for your code
To be able to proxy localhost in modern versions of Chrome you need to remove loopback from the proxy bypass list as follows:
--proxy-bypass-list=<-loopback>, or in your code specifically: chromeOptions.addArguments("--proxy-bypass-list=<-loopback>");
You may also want to consider adding: chromeOptions.addArguments("--ignore-certificate-errors");
Upvotes: 2
Related Questions
- How to set Proxy Authentication in seleniumWebdriver for Chrome Browser
- Using OWASP ZAP Proxy for existing suite of Selenium tests
- Setting up browsermob proxy with ChromeDriver
- Local traffic not proxied via Java ZAP API by ChromeDriver
- org.zaproxy.clientapi.core.ClientApiException: java.net.ConnectException: Connection refused: connect error while connecting to ZAP using Java API
- ZAP setup for selenium
- Set up drivers for owasp zap in selenium using java
- how to use ZAP JxBrowser in ZAP selenium?
- OWASP ZAP - Extract URL after browser is launched using Selenium Python
- How to integrate selenium and ZAP