应用前主机密码后，如何查看HTTP协议记录？ [英] How do I view the HTTP-protocol records after applying the pre-master secret?

问题描述

我正在尝试调试Firefox开发人员工具发送的一些HTTPS请求的问题（具体来说，源地图 - 如果我打开显示原始源，我会收到404错误而不是JS源）。 / p>

我已经用dumpcap + firefox + SSLKEYLOGFILE捕获了一些HTTPS日志，但现在感觉工具正在崩溃。

我已经得到了解密的SSL数据，但内容是gzip压缩的！我不能读这个！

如何让Wireshark将解码的SSL数据解析成HTTP流？

解决方案

按照SSL Stream 选项是一个通用的SSL解析器功能，显示SSL明文数据的原始内容。在您的捕获中，HTTP响应主体被压缩，但对于SSL解析器来说完全不透明。

Wireshark可以解压缩压缩的HTTP响应正文，一定要启用它在 - > 协议 - > - > 解压实体实体。之后，主窗口中字节视图底部将会有一个未压缩实体主体选项卡。

I'm trying to debug a problem with some HTTPS requests that the Firefox developer tools are sending (specifically, the source maps - if I turn on "Show original sources" I get a 404 error instead of JS source).

I've captured some HTTPS logs with dumpcap + firefox + SSLKEYLOGFILE, but now it feels like the tools are falling apart.

I've got the decrypted SSL data, but the content is gzipped! I can't read this!

How do I get Wireshark to parse the decoded SSL data as an HTTP stream?

解决方案

The Follow SSL Stream option is a generic SSL dissector feature that displays the raw contents of SSL plaintext data. In your capture, the HTTP response body is compressed, but that is completely opaque to the SSL dissector.

Wireshark can decompress the compressed HTTP response body, be sure to enable it at Preferences -> Protocols -> HTTP -> Uncompress entity bodies. After that, there will be a Uncompressed entity body tab on the bottom of the byte view in the main window.

这篇关于应用前主机密码后，如何查看HTTP协议记录？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！