exploring a web 2.0 app

I was trying today to understand what communication was going in the social site project today, which contains an implementation of the Open Social protocol. As the application uses a lot of asynchronous javascript, and as it is difficult to find the URLs for the resources pointed to (they get constructed at run time), one has to listen in on the wire to find the structure of the project. But that is not at all as easy as one could hope. Here is how I got going:

  • Usually I use the command line tcpflow that just captures all the communication on the wire. The problem is that this does not decrypt the ssl connections, and social site has a lot of requests going over https.
  • There was a Firefox plugin called Slogger that would keep all the communication going back and forth and store it to the hard disk. But it is no longer maintained, and no longer seems to be working for Firefox 3.0.1 . (I even tried the workaround suggested on the plugin page)
  • Firebug is another, and very useful, such Firefox plugin. It works and was good enough for what I needed to do. The only problem is that it seems to have to make the requests again to show you the content, which is a problem for POST requests as these could have side effects. Here is a picture: Firebug HTTP console
    (one can immediately see some oddities here: the last visible request asks for xml content types, but the response is json).
  • Francois Le Droff pointed me to Charles Web Debugging Proxy (written in Java) which is a proprietary proxy, that seems to be able to do it all. I have not tried it yet, as Firebug did the job for me. But I may need to get it at some later time, when state on the server starts getting to be important.

Getting this type of information is really important when debugging an application. Hopefully bug 430155 will be fixed soon, allowing Firebug to do the right thing. I wonder if Google's Chrome comes with this functionality built in?

Comments:

I've always used LiveHTTPHeaders

Posted by Jonathan Porter on September 02, 2008 at 01:18 PM CEST #

Hi Henry,

You could also try HttpFox: https://addons.mozilla.org/en-US/firefox/addon/6647

Cheers,

Bruno.

Posted by Bruno Harbulot on September 02, 2008 at 02:05 PM CEST #

TamperData is my favorite tool for this kind of thing:
https://addons.mozilla.org/en-US/firefox/addon/966

Posted by Jordi on September 02, 2008 at 04:57 PM CEST #

I use apache's mod_proxy for this problem.

Well, /etc/hosts, the system snakeoil cert, mod_proxy, mod_proxy_http, mod_ssl and mod_dump_io.

Posted by Toho on September 02, 2008 at 07:32 PM CEST #

[Trackback] Project SocialSite is still young, and we're working on more documentation as well as our implementation. In the meantime, you might feel like doing a little exploration yourself. In his blog "exploring a web 2.0 a...

Posted by The Project SocialSite Blog on September 04, 2008 at 02:01 PM CEST #

Post a Comment:
Comments are closed for this entry.
About

bblfish

Search

Archives
« April 2014
MonTueWedThuFriSatSun
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today