mirror of
https://github.com/ProxymanApp/Proxyman.git
synced 2026-04-25 16:15:55 +03:00
[GH-ISSUE #1007] SSL proxying does not work for connections to apple.com #1002
Labels
No labels
Discussion
Feature request
In Progress...
Plugins
Waiting response
Windows
Windows
bug
duplicate
enhancement
feature
good first issue
iOS
macOS 10.11
question
wontfix
✅ Done
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/Proxyman#1002
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @vprelovac on GitHub (Sep 25, 2021).
Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/1007
Originally assigned to: @NghiaTranUIT on GitHub.
Proxyman version? (Ex. Proxyman 1.4.3)
Latest
macOS Version? (Ex. mac 10.14)
11.5
Steps to reproduce
Turn on SSL proxying for apple.com
Expected behavior
apple.com loads
Instead it fails to load with:
SSL Handshake Failed
handshakeFailed(NIOSSL.BoringSSLError.sslError([]))
Screenshots (optional)
Proxyman cert is installed and trusted.
@NghiaTranUIT commented on GitHub (Sep 26, 2021):
Hey, this issue happens with Charles Proxy and Fiddler too. For some reason, Safari rejects all SSL from self-signed certificates and there is no way to fix it.
If you try to sniff apple.com from Google Chrome, it works fine without any problems 👍
I suppose that it's an intention from Apple to prevent being intercepted from Mitm apps.
@vprelovac commented on GitHub (Sep 26, 2021):
Thank you for your comment. I am interested in the origin of the touch icon for apple.com that Safari uses and clearly downloads from apple.com.
However it is not https://apple.com/apple-touch-icon.png
Laying it out there in case you had other ideas how to get it.
@NghiaTranUIT commented on GitHub (Sep 27, 2021):
I'm not sure how to find the touch icon you'd like. Maybe we can get from the Developer Inspector or parse the <head> of apple website 🤔
@vprelovac commented on GitHub (Sep 27, 2021):
Apple seems to use a non-standard file name for it and SSL proxy was my only hope. As you said none of the others work too and I tried them all. Thanks for looking into it anyway.
@VaslD commented on GitHub (Nov 19, 2021):
https://www.apple.com/apple-touch-icon.png
The file
apple-touch-icon.pngin the root/home directory of the website is used unless a link is specified in the<head>element of the web page:This isn't RFC'd but is pretty much universal on all major websites. Like https://facebook.com/apple-touch-icon.png
Edit: Found documentation: https://developer.apple.com/library/archive/documentation/AppleApplications/Reference/SafariWebContent/ConfiguringWebApplications/ConfiguringWebApplications.html
@chrise86 commented on GitHub (Dec 17, 2021):
For some reason I can't even see requests made to
itunes.apple.com, yet can see other apple related calls.@NghiaTranUIT commented on GitHub (Dec 19, 2021):
There are many reasons why you might not see the
itunes.apple.com. One of the reasons is that this traffic doesn't go through the System HTTP/HTTPS Proxy, where Proxyman is listening. It might intentionally be designed this way to prevent being captured from the MitM app.Even though we can capture
itunes.apple.com, but you couldn't intercept their HTTPS Traffic, because it's protected by SSL Pinning.@chrise86 commented on GitHub (Dec 19, 2021):
The request is inside a react native app. Although, I’ve noticed Proxyman randomly not showing some requests sometimes, but showing them randomly at other times, so I’m not sure what it is currently.
@NghiaTranUIT commented on GitHub (Dec 20, 2021):
Can you share with me what the App is? I'd like to download and test it.
As it's a React native app, so it might not respect the HTTP System Proxy too. Doc: https://docs.proxyman.io/debug-devices/react-native