[GH-ISSUE #1680] SSL interception does not work when using a custom `User-Agent` header #1675

New issue

Open

opened 2026-03-03 19:53:23 +03:00 by kerem · 3 comments

kerem commented

2026-03-03 19:53:23 +03:00

Owner

Originally created by @Ricardo1980 on GitHub (Jun 14, 2023).
Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/1680

Description

When I add this line of code to my app:
request.addValue("User-Agent", forHTTPHeaderField: "lbroutingkey/canary")
Then SSL interception does not work and I see the error:
SSL Handshake Failed
And if I remove that line of code, it works.
BTW, with that line of code I want to overwrite the default value, which is perfectly valid. (The default value is DemoAppInternal/69 CFNetwork/1406.0.4 Darwin/22.3.0 in my app, but I don't want to send that)

Steps to Reproduce

Add the previous line of code and add your network requests to the SSL proxy list to see the content in Proxyman.
When your app sends a network request, you will not see the content in ProxyMan.

Current Behavior

I see SSL Handshake Failed

Expected Behavior

No error. I should be able to see the content of the network requests.

Environment

App version: Version 4.8.0 (48000)
macOS version: Ventura 13.2.1 (22D68)

Originally created by @Ricardo1980 on GitHub (Jun 14, 2023). Original GitHub issue: https://github.com/ProxymanApp/Proxyman/issues/1680 ## Description When I add this line of code to my app: `request.addValue("User-Agent", forHTTPHeaderField: "lbroutingkey/canary")` Then SSL interception does not work and I see the error: `SSL Handshake Failed` And if I remove that line of code, it works. BTW, with that line of code I want to overwrite the default value, which is perfectly valid. (The default value is `DemoAppInternal/69 CFNetwork/1406.0.4 Darwin/22.3.0` in my app, but I don't want to send that) <img width="1678" alt="Screenshot 2023-06-14 at 14 12 31" src="https://github.com/ProxymanApp/Proxyman/assets/738681/880d2019-85f7-4abb-9871-d2e17c5d6e2c"> <img width="1501" alt="Screenshot 2023-06-14 at 14 11 53" src="https://github.com/ProxymanApp/Proxyman/assets/738681/d40af168-7f9d-424d-942b-cee8e86eabe4"> ## Steps to Reproduce Add the previous line of code and add your network requests to the SSL proxy list to see the content in Proxyman. When your app sends a network request, you will not see the content in ProxyMan. ## Current Behavior I see `SSL Handshake Failed` ## Expected Behavior No error. I should be able to see the content of the network requests. ## Environment - App version: Version 4.8.0 (48000) - macOS version: Ventura 13.2.1 (22D68)

kerem added the

bug

label

2026-03-03 19:53:23 +03:00

kerem commented

2026-03-03 19:53:24 +03:00

Author

Owner

@NghiaTranUIT commented on GitHub (Jun 14, 2023):

It's odd, the Header doesn't affect the SSL Proxying.

Can you fix your code, it should be:

request.addValue("lbroutingkey/canary", forHTTPHeaderField: "User-Agent")

instead of

request.addValue("User-Agent", forHTTPHeaderField: "lbroutingkey/canary")

@NghiaTranUIT commented on GitHub (Jun 14, 2023): It's odd, the Header doesn't affect the SSL Proxying. Can you fix your code, it should be: ```swift request.addValue("lbroutingkey/canary", forHTTPHeaderField: "User-Agent") ``` instead of ```swift request.addValue("User-Agent", forHTTPHeaderField: "lbroutingkey/canary") ```

kerem commented

2026-03-03 19:53:24 +03:00

Author

Owner

@Ricardo1980 commented on GitHub (Jun 14, 2023):

Thanks @NghiaTranUIT
I didn't realise key/value were reversed.
I fixed that and now ProxyMan is working fine.

In any case, I don't understand why it does not work if key/value is reversed.

Close the ticket if you want, or leave it open to take a look.

Thanks a lot!

@Ricardo1980 commented on GitHub (Jun 14, 2023): Thanks @NghiaTranUIT I didn't realise key/value were reversed. I fixed that and now ProxyMan is working fine. In any case, I don't understand why it does not work if key/value is reversed. Close the ticket if you want, or leave it open to take a look. Thanks a lot!

kerem commented

2026-03-03 19:53:24 +03:00

Author

Owner

@NghiaTranUIT commented on GitHub (Jun 14, 2023):

yes, I'm not sure about it too. It seems the URLSession is failed if the Header-Value is invalid.

@NghiaTranUIT commented on GitHub (Jun 14, 2023): yes, I'm not sure about it too. It seems the URLSession is failed if the Header-Value is invalid.