In previous jobs when I've worked on a Windows machine, I've used Fiddler for viewing HTTP transactions and debugging.
I'm specifically looking to monitor the HTTP transactions for an ajax site I'm working on to verify that the site is doing what I expect. Rewriting HTTP (as provided by Fiddler) is a nice-to-have, but not essential.
Can anybody recommend something similar for use on a Mac?
Use Chrome and navigate to chrome://net-internals/
It allows detailed analysis and dumps.
I found Charles Proxy. It's much closer to the functionality of Fiddler. It's not free, but it may be worth the price.
My favorite mac app for monitoring traffic is HTTPScoop, I detail that as well as using tcpdump from the commandline in this post I blogged last year.
Not what you asked, but in Firefox the Live HTTP Headers add-on is all I need if I want to edit and re-play requests, including changing the URL and the HTTP method.
In Firebug, the Network Monitoring shows all requests and responses. Likewise, in Safari the Resources pane of the built-in Web Inspector covers most of my needs as well. (Enable the Web Inspector through the preferences: Show Develop menu in menu bar.) Chrome and Firefox have similar tools.
When things get more complicated, I fire up my Wireshark packet sniffer. However, unlike Fiddler, Wireshark does not let you change the data, and does not support things like auto responders, like Fiddler apparently does.
For Wireshark, see Hyper Text Transfer Protocol (HTTP) for some generic HTTP capturing information, and HTTP Packet Capturing to debug Apache, for some example display filters. (You may want to set the capture filter to "port 80", to show all requests to that port, and responses from that port. Or, to limit to some server, use capture filter "port 80 and host www.google.com".) Like:
# Show only 404: page not found http.response.code == 404 # Show only certain HTTP methods http.request.method == "POST" || http.request.method == "PUT" # Show only javascript http.content_type contains "javascript"
Note that Wireshark can decompress gzip or deflate encoded (compressed) things on the fly for you. That makes things much easier to read as most web servers will compress the data they send to a browser.
(As for auto responders: the excellent JS Bin has a short video on how to use it to debug Ajax requests. If you don't know JS Bin, then first view the introduction video.)
In addition to Charles (already mentioned), I also like the HttpFox add-on for Mozilla Firefox. Like Charles, you can use it on both Mac and Windows. It's lighter-weight than Charles because it lives in the browser, useful for quick troubleshooting. Here's some information from the HttpFox page:
HttpFox monitors and analyzes all incoming and outgoing HTTP traffic between the browser and the web servers.
It aims to bring the functionality known from tools like HttpWatch or IEInspector to the Firefox browser.
Information available per request includes:
- Request and response headers
- Sent and received cookies
- Querystring parameters
- POST parameters
- Response body
And, a screenshot:
Not a proxy, but it does help in debugging HTTP:
Simply start a scan on the interface you're going to have the HTTP traffic on, execute the traffic and then stop scanning and type "HTTP" as the filter string. You will then be able to inspect all the packets of the HTTP conversation. With the Packet Detail view open you can open the HTTP section and it will stay open between packets.
It's a great tool to have and it doesn't require you to change the browser proxy. On the other hand it cannot help with HTTPS traffic since that's encrypted. (Although it can decrypt SSL connections that use RSA)
I'm late but - I use Paros Proxy. It's in Java, so, cross-platform. Though if you would prefer for it to be packaged as an app, there's one here at the bottom.
Don't forget Burp Suite. They have a free version. It's cross platform. http://portswigger.net/burp/
You can easily configure Fiddler for Mac using Parallels as per instructions on their site.
The only caveat is that you have to manually configure your Network settings to point to the IP address of the VM but not really that big of a deal.
It seems that the free GlimmerBlocker can do part of the trick.
Of course it can block all kind of content, and transform responses before the browser receives them. But it can in fact modify both requests and responses. And though not true debugging, it also offers logging. So, it might suit basic needs:
There are 4 types of scripts running inside GlimmerBlocker, and some objects are only defined for some of the script types:
- global proxy: this sets the global proxy settings, and can test for e.g. location name, AirPort network.
- request modification: this can change the requested URL, send back a redirect response to the browser, or send text/html back to the browser.
- keyword expansion. [Safari-only, AvB]
- transform: modify the response received by the web-server before it is sent back to Safari [or any browser that is set up to use the proxy provided by GlimmerBlocker, AvB].
(One can also use it to include various Greasemonkey scripts in the received response, without using a Greasemonkey add-on, like to block Flash without installing any add-on.)
jMeter might also be helpful; it's designed for testing load performance on web servers, but it might still do what you need. jMeter is written in Java, so you can download a .jar file that will run on Mac, Windows, or Linux.
If you're dealing with app traffic or third-party API integrations that go over the public internet, you should try Runscope (of which, full disclosure, I am a co-founder). It captures HTTP requests to any URL, gives you a nice stream view for debugging and makes it easy to share individual requests with others.
You could also try APIKitchen. It helps you in debugging and testing HTTP APIs and any requests in general. It also has an offline version for testing in your internal networks. No installation necessary.
