问题描述

我试图拦截一个https请求，该请求提供JS文件并使用我的本地文件。
使用fiddler工具，我能够成功拦截所有http请求服务文件。
但无法为https文件执行此操作。
注意：我已将我的JS文件保存在本地服务器中..我只使用了直接路径，如C：\\\\test.js

您是否启用了解密HTTPS流量选项？

Fiddler2包括解密，查看，并修改HTTPS安全流量以进行调试。 默认情况下禁用解密功能。​​

默认情况下，会话列表将仅显示HTTPS加密字节流经的CONNECT隧道。

点击工具>启用流量解密选项。提琴手选项> HTTPS 和勾选 解密HTTPS流量框。

更新：

您可能希望顺便从代理发送备用javascript（而不是更改源以在用户本地计算机上包含脚本文件）。

此外，正如EricLaw对此答案的评论所指出的：

你还想看看Fiddler的 AutoResponder标签允许您从本地磁盘返回文件，而不是将请求发送到服务器。

在此选项卡上，您可以输入匹配规则和操作字符串，如果请求URI与匹配规则匹配，Fiddler将采取行动。

额外（因为评论不能这样做，因为它会破坏https的目的）

顺便说一句，这几乎不是一个新概念，可以做到尽我所知。

I am trying to intercept a https request which serves a JS file and use my local file instead.Used fiddler tool and i am able to successfully intercept all the http request served files.But unable to do it for the https files.Note: I have kept my JS file in a local server..I just used the direct path like C:\test\test.js

Did you enable the Decrypt HTTPS Traffic option?

Fiddler2 includes the ability to decrypt, view, and modify HTTPS-secured traffic for debugging purposes. The decryption feature is disabled by default.
By default, the session list will show only a CONNECT tunnel through which the HTTPS-encrypted bytes flow.

Enable the traffic decryption option by clicking Tools > Fiddler Options > HTTPS and ticking the Decrypt HTTPS Traffic box.

Update:
You might want to send the alternate javascript from your proxy by the way (instead of changing the source to include a script file on the users local computer).

Also, as pointed out by EricLaw in the comment to this answer:
You'd also want to look at Fiddler's AutoResponder tab which allows you to return files from your local disk instead of transmitting the request to the server.
On this tab you can enter a match rule and an action string, and Fiddler will undertake the action if the request URI matches the match rule.

Extra (because of a comment that this can't be done because it would defeat the purpose of https)

It's hardly a new concept by the way, mitmproxy can do it to as far as I can tell.

Hope this helps!

这篇关于拦截来自安全服务器的javascript文件并改为使用本地文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！