WebSocket

1. What's it?

Proxyman could capture WebSocket (WS) and Secure WebSocket (WSS) traffic and easily preview it.

• Capture WS/WSS from iOS Physical devices and iOS Simulator (Required Atlantis framework)

• Capture WS/WSS from Web Browser and Mac applications.

• Capture WS/WSS from Android Physical devices or Android Emulators.

• Prettier WebSocket Message.

• Filter All / Sent / Received messages.

• See the content in JSON / Tree Preview / HEX format.

• Customize Columns: Frame, Length, Data, Time, ...

• Auto-decode Binary Message to JSON if possible

• Open WebSocket messages by external Editors, such as Sublime, VSCode

2. Capture WS/WSS from iOS

If your iOS app is using URLSessionWebSocketTask or iOS WebSocket libraries, e.g. Starscream, SocketRocket, etc. Proxyman might not be able to capture WS/WSS traffic.

• Reason: Apple's intention. URLSessionWebSocketTask doesn't respect the System HTTP Proxy. All WS/WSS traffic goes directly to the Internet. Thus, Proxyman or Charles Proxy can't capture it.

• Example Ap: https://github.com/ProxymanApp/websocket-example-ios-app

✅ Solution 1 (Recommended for iOS 17 or later)

1. Follow the Setup guide for your iOS Devices or iOS Simulators (Make sure we installed and trusted the certificate on your device)

2. Proxyman Setup: Tools > Proxy Settings > SOCKS Proxy settings -> Enable it (Take note of the port)

3. On the main Proxyman app -> Take note of a current IP in the Proxyman Tools bar

1. On your app: Configure a SOCK Proxy in your App, make sure this is only available for debug builds by implementing a switch or something, you might not want your release build with this configuration.

• For NWConnection

• For URLSession and URLSessionWebSocketTask

1. Done ✅

• Credit to FranklinSamboni -> https://github.com/ProxymanApp/Proxyman/issues/586#issuecomment-2125082129

• Tutorial: https://proxyman.io/posts/2019-10-18-WebSocket-Debugging

✅ Solution 2

Use Atlantis Framework (developed by Proxyman) to capture WS/WSS URLSessionWebSocketTask traffic from iOS.

Read more at https://github.com/ProxymanApp/atlantis

3. Capture WebSockets from your Web Browser (Chrome, Safari, etc)

• Proxyman can capture WS/WSS from a Web Browser out of the box. No need to configure anything.

• How to use: Open Google Chrome -> Visit your website that makes a WS/WSS connection -> Open Proxyman -> Find your websocket domains -> On the Response Panel -> Click Enable SSL Proxying on these domains. Open your Browser, and reload your website -> Proxyman will capture and decrypt WS/WSS ✅

4. Capture Websocket from NodeJS, Golang, Python Server

• Proxyman can capture WS/WSS from your NodeJS, Golang, Python, and Ruby server.

• How to use: Read Automatic Setup to start your server on this Terminal -> Make a WS/WSS connection -> Proxyman automatically captures and decyrpts it ✅

5. Map Websocket from Localhost <-> Production

It's possible to map the WebSocket Traffic from localhost <-> Production. Please check out the Map Remote Tool.