DevOps Articles

Curated articles, resources, tips and trends from the DevOps World.

How to Intercept and Debug All Java HTTP

4 years ago httptoolkit.tech

Summary: This is a summary of an article originally published by the source. Read the full original article here →

Java and the JVM more generally are widely used for services everywhere, but often challenging to debug and manually test, particularly in complicated microservice architectures. It can seize control of all HTTP & HTTPS requests in any JVM, either at startup or attaching later, to redirect them to a proxy and trust that proxy to decrypt all HTTPS, allowing MitM of all JVM traffic.

In this article, I want to walk you through the details of how this is possible, so you can understand some of the secret powers of the JVM, learn how to transform raw bytecode for yourself, and build on the examples and source code behind this to build your own debugging & instrumentation tools.

This is just part of one simple case though (the full OkHttp logic is here) and doing this for all HTTP is significantly more involved...

We just need to change the return value for all implementations of that interface: With that alone, we've redirected all traffic elsewhere.

Made with pure grit © 2024 Jetpack Labs Inc. All rights reserved. www.jetpacklabs.com